Neopets, a popular virtual pet-keeping social site, has been hacked. The 90’s game has become a victim of a data breach, and the alleged hacker has claimed the personal information of more than 69-million members in addition to the source code of the site. The hacker claims that they’re willing to sell the information for a small fee.
The big data breach
The web game has always been plagued with cheaters, but this one tops them all. The website looks to have attracted some unwelcome attention ever since it started identifying itself with NFTs. As the business looks into a data breach where client data may have been stolen from its systems, things could now have grown worse.
Email addresses, Neopets users’ ages, genders, nationalities, birth dates, and even IP addresses are purportedly being auctioned out, along with usernames and passwords linked to the site, according to the report by Bleeping Computer.
Users are strongly advised to change their Neopets password and the passwords for any other accounts that also use Neopets on their official Twitter page, which has tweeted the following warning to its users:
Neopets recently became aware that customer data may have been stolen. We immediately launched an investigation assisted by a leading forensics firm. We are also engaging law enforcement and enhancing the protections for our systems and our user data. (1/3)
— neopets (@Neopets) July 21, 2022
It also mentions that a “major forensics firm” is investigating the hack. However, no specific name has been provided.
One hacker going by the name TarTarX claims to have active access to the compromised database on the well-known hacking site Breached.co , where the data appears to have been listed for sale. The hacker is demanding four bitcoin, or around $94,500, in exchange for access to a database snapshot. They said they are “open to hear proposals” and will take other cryptocurrencies in exchange for the information. They are providing live database access for an extra cost.
The proprietor of the hacking website, pompompurin, purportedly verified TarTarX’s allegations by attempting to create an account and soon receiving their data back. This implies that the hacker may still have access to the data, making it possible for anyone with access to large amounts of cryptocurrencies to watch as individuals rush to change their passwords and then steal them after the fact.
If you go to the account security page for Neopets, it reads, confusingly:
Contrary to popular belief, nobody has ever “hacked into” our website and gained access to user data, accounts, or usernames. When a person divulges their account password, that is the ONLY way for someone else to take over their account.
People like to say they have been hacked as it makes them feel a bit better than admitting they have fallen for a scam or have just provided their password to the first person who asked for it, many like to claim they have been hacked. To help keep your account safe, there are a few things you can do.
That assertion could be a little outdated at this point, though. Thousands of users have clamored to delete their Neopets accounts or reset their passwords following the release of this news. So, are you getting off the platform, or do you just not care about data breaches?
We’ll further update you as we’ll be covering any news first on Appuals, so stay tuned for more.