Neopets breach allegedly compromises 69m accounts

gamesindustry.biz:

Marie Dealessandri

Features Editor

Monday 25th July 2022

A breach at Neopets may have compromised the data of over 69 million accounts.

According to Polygon, the incident happened last week, with the company then confirming it in a statement shared on Twitter last Wednesday.

Users' email addresses and passwords "may have been affected," Neopets said, inviting players to change their passwords.

"Neopets recently became aware that customer data may have been stolen," the message read. "We immediately launched an investigation assisted by a leading forensics firm. We are also engaging law enforcement and enhancing the protections for our systems and our user data."

The breach was initially reported by Neopets community website JellyNeo, which said it had been tipped anonymously about Neopets' database and source code being hacked, allegedly impacting 69 million user accounts.

"Full account information, such as email address, passwords, gender, IP addresses, countries, and birthdays are available for sale on a hacker website," JellyNeo alleged.

"Access to the full database and a copy of Neopets.com source code is being offered for 4 Bitcoin (~$94,500 USD at time of writing). For an additional fee, the seller is offering live access to the database."

These information have not been confirmed by the Neopets team, with the official message just saying that the team will provide updates "as [the] investigation continues."