
VRChat Breach Exposes Data of 2.4M Users


“2.4M+ VRChat users’ data accessed following cloud breach,” The Register reported on 2026/06/11.

2.4M+ VRChat users’ data accessed

The headline published by The Register states, verbatim, that "2.4M+ VRChat users’ data" were accessed. That figure — presented as "2.4M+" — is the central factual claim available in the published report. The phrase used in the headline is precise in two respects the publisher chose to highlight: the scale (more than 2.4 million users) and the outcome (data were accessed).

VRChat

The named actor in the report is VRChat. The Register's headline identifies VRChat as the service associated with the accessed data; no other platform or third-party name appears in the headline itself. The story, as headlined, ties the affected user dataset directly to VRChat.

Cloud breach

The Register’s wording links the data access to a "cloud breach." The headline reads that the access to user data occurred "following cloud breach," indicating the reported sequence: a cloud breach preceded the access. The single-line phrasing in the headline therefore conveys both the reported mechanism (a breach in cloud infrastructure or services) and the temporal relationship (access occurred after that breach).

The Register report (11 June 2026)

The item appears on The Register's site at the URL provided by the publisher, https://www.theregister.com/security/2026/06/11/24m-vrchat-users-data-accessed-following-cloud-breach/, whose path embeds the date 2026/06/11. The Register's headline is the source material for the facts used in this piece: the scale ("2.4M+"), the subject ("VRChat users' data"), and the reported cause or vector ("cloud breach").

The public record available here is limited to the headline-level assertions published at The Register; those assertions are clear and narrowly worded. They convey a large user-impact number, a named platform, and a described vector. Beyond those headline elements — the numeric scale, the name "VRChat," and the phrase "cloud breach" — the source material provided does not supply additional specifics about what data were accessed, who accessed them, what cloud service or configuration was implicated, whether VRChat or any other party has commented, or what remedial steps, if any, were taken.

For readers relying on the published report, the core facts to carry forward from the source are the scale ("2.4M+"), the affected service ("VRChat"), and the proximate cause as described by the publisher ("cloud breach"). The original Register item is available at the link below for anyone seeking the primary account as published on 2026/06/11.

Read the original Register report