Update December 4, 2025: more accounts appear to be getting hacked from what I read here and Roblox doesn’t care and bans these innocent people for child exploitation. Or even Billing dispute: https://www.reddit.com/r/ROBLOXBans/comments/1pd18wt/is_a_ban_wave_happening/
Update December 1, 2025: Another person been through the same account hack and got wrongly banned. See the post on Reddit: Banned for 7 days for : r/ROBLOXBans. I am afraid Roblox continues punishing the victims of hackers. They are not stopping this. They punish accounts being hacked when it is their responsibility. It is Roblox who runs the Roblox.com website, their security systems. They are responsible for accounts being hacked when a user there doesn’t do anything stupid like giving up passwords.
We have evidence that Roblox has been allowing hackers to hack their customer’s accounts even with two-factor authentication/two-step verification and they don’t do anything about it or in the worst case they ban the victim like they did with me.
We have evidence from scraping public posts from social media platforms. Roblox is allowing hacking of Roblox accounts, does nothing about it. When you push for a refund of any hacker purchased robux, Roblox punishes the victim’s account with a ban and threatens to close the victim’s Roblox account. Even when evidence and affidavits are provided, they disregard all evidence and punish your account with no guarantee of a refund either.
The evidence is hundreds of online posts of Roblox users saying that their accounts got hacked even when they had two-step verification enabled on their accounts and are furious about Roblox doing absolutely nothing about it.
What is two-step verification?
Two-step verification is a process that involves two authentication steps performed one after the other to verify that someone or something requesting access is who or what they say they are. See article: What is two-step verification? | Definition from TechTarget
We asked GROK AI to do an investigation of all public posts to find the nuggets of truth regarding Roblox taking no action against anybody who was victimized by hackers.
https://twitter.com/i/grok/share/YELy5Cd3ANWaumO4bFdUA8qt2
GROK AI said there was approximately 100 unique users who have reported that “reported their Roblox account being hacked despite having two-step verification enabled. This estimate is derived from searching for relevant keywords and phrases (e.g., “Roblox hacked 2FA despite,” “my Roblox account hacked even with 2FA”) across recent and historical posts, focusing on personal reports rather than general discussions or advice.”
GROK AI: Based on an analysis of public posts on X, approximately 100 unique users have reported their Roblox account being hacked despite having two-step verification enabled. This estimate is derived from searching for relevant keywords and phrases (e.g., “Roblox hacked 2FA despite,” “my Roblox account hacked even with 2FA”) across recent and historical posts, focusing on personal reports rather than general discussions or advice. The actual number could be higher, as not all victims post publicly on X, and search results may not capture every variation in phrasing. However, it’s likely closer to 100 than 1,000, given the limited volume of matching posts over multiple years (Roblox introduced 2FA in 2021). No comprehensive statistics from Roblox or third-party sources were found to suggest a larger scale on X specifically.
https://twitter.com/i/grok/share/1tUiI0eoxQiQH90YNjCKSvvLG
GROK AI said there was approximately 100 unique users on Reddit who have reported that reported their Roblox account being hacked despite having two-step verification enabled.
Based on public Reddit posts analyzed across multiple searches, the number of users who have reported their Roblox account being hacked despite having two-step verification/two-factor authentication enabled is estimated to be around 100. This figure accounts for original posters and commenters sharing personal experiences in relevant threads, spanning from 2017 to mid-2025. The estimate is derived from approximately 10-20 primary threads directly matching the criteria, with an average of 2-5 unique reports per thread (including discussions where additional users chime in with similar stories). Many related threads involve cases where hackers enabled 2FA after the breach, which does not match the “despite 2FA” condition.This is a conservative statistical approximation, as not all Reddit users post about such incidents, and searches may miss variations in phrasing. It is not 1,000 or more, as the volume of matching public reports does not indicate that scale.
Anybody who doesn’t believe Roblox would knowingly allow hackers to attack their users on their platform and steal their hard-earned real-life money and virtual money of robux, I will post some screenshots of what GROK AI had likely found. I found the posts myself, a few of them which reported they were hacked by a Russian IP Address, same as what happened to Roblox Account: Brianhi33alt which is Angel Girl Brianna’s official Roblox account. So, there is a pattern of this Russian IP Address or Russian IP Addresses hacking Roblox accounts which Roblox tells its users through its automated system. Then Roblox does nothing about it and punishes the customer.
https://x.com/berkrunnerx/status/1897516615291248998
A poll was posted on the Roblox community Twitter/X forum/board. Asking people on the Roblox community board about whether their account was hacked even when after using two-factor authentication/two-step verification.
From a polling of 113 votes, 17.7% voted that “Yes, 2FA was bypassed” in regard to the account being hacked. 8% voted “yes”. In total the percentage of yes votes would be around 25.7% of Roblox users voting in the poll which started on August 22, 2025.
More evidence is coming unless Roblox threatens us with a cease-and-desist demand next. It is likely coming. We will be targeted just like Schlep.
Roblox is permitting hacking which is a federal crime.
When Roblox allows money to be stolen from Roblox accounts, then it is an act of wire fraud in violation of 18 U.S.C. § 1343. Wire fraud is governed by 18 U.S.C. § 1343, which prohibits using any means of wire communication in connection with the commission of a fraudulent scheme. This federal offense involves executing fraudulent schemes through electronic communications, such as phone calls or emails, to deceive individuals or entities for financial gain. The statute outlines that anyone who devises a scheme to defraud and transmits information via wire in interstate or foreign commerce can be charged with wire fraud. Penalties for wire fraud can include significant fines and imprisonment, depending on the severity of the offense.
Hacking is a crime and deceives the platform into believing the user of the account is the legitimate user when it wasn’t. See 18 U.S.C. § 1030.
If Roblox knows accounts are being hacked and isn’t reporting them to law enforcement and does nothing about it, then they are complicit in these types of crimes. They are complicit in money laundering, hacking, and fraud. Roblox has become an accessory after the fact because they know what is going on and does nothing about it. When they punish the victim, they are helping the hackers feel safe from prosecution and make the victims want to quit Roblox. This is wrong on so many levels.
About the Author
2 thoughts on “Evidence Roblox is allowing hackers to steal money and bypass 2FA”