Genshin Impact players revealed that the miHoYo account website would not hide your linked mobile phone number when you (or anyone else) try to recover the password.
This is a huge oversight by the Chinese developer, which might seriously endanger players' security and privacy.
Several players have shared screenshots showing that when they try to recover their passwords for an account linked to their mobile phone number, the miHoYo account website will not hide or partially censor the mobile number at all, but the number will be fully revealed instead.
This means that anyone can simply go to the game's website, go to "forgot password " and enter your username, and if you linked a mobile number, it will not be censored at all.
An example can be seen in the picture below:
In this way, anyone can find out your phone number just by knowing your username, which is especially problematic for streamers, since their username is known by many who watch their streams.
Interestingly enough, if your account is connected with an email instead, the email address will be partially censored.
Another user has shared a screenshot of the Genshin Impact PC login screen, which apparently also reveals your phone number completely if the account is linked to a mobile number.
It goes without saying that this severely breaches all data protection laws, and it poses a serious threat to users' data security and privacy.
Until the issue is being solved, we advise you to urgently unlink your phone number from your Genshin Impact account, as it is currently exposed and can be easily accessed with this method by practically anyone who knows your username in the game.
- Read more: Genshin Impact's latest event banner "Farewell of Snezhnaya" starting soon, including Childe
At the time of writing this article, Genshin Impact account website is currently down, so it is possible that miHoYo is aware of this issue and are trying to fix it, while temporarily shutting down the website in order to protect players' phone numbers from a potential exploit caused by this leak.
Genshin Impact has been released on 28th September and quickly became one of the most popular games of today, with over 30 million active players, which phone numbers now might be exposed.
We will follow the situation closely and update the article with new information.