Neopets has been hacked and data for almost 69M accounts appears to be up for sale

pcgamer.com:

Neopets, a popular virtual pet-keeping browser game born of the late '90s, has been victim of a data breach. Hackers claiming to be behind the attack say they have personal account info of more than 69 million members, along with a bunch of the site's source code, and are willing to sell the data off for a fee.

The browser game has been wracked with cheaters(opens in new tab) for some time, but this just takes the biscuit. Since the site has begun associating itself with NFTs, it appears to have drawn some unwanted attention. Now, it may have gotten worse, as the company investigates a data breach where customer data may have been taken off its servers. It says usernames and passwords connected to the platform may be affected,  but email addresses, Neopets users' ages, genders, countries, birth dates, and even IP addresses are allegedly being auctioned off.

The official Neopets Twitter page has posted a warning to users, with the thread strongly recommending users change their Neopets password, and any accounts that use the same password (we advise you to never use the same password for multiple sites(opens in new tab), anyway). 

It also notes that the breach is being looked into by a «leading forensics firm,» though no name has been given as to which one.

Neopets recently became aware that customer data may have been stolen. We immediately launched an investigation assisted by a leading forensics firm. We are also engaging law enforcement and enhancing the protections for our systems and our user data. (1/3)July 21, 2022

The data appears to have been put up for sale on popular hacking forum, Breached.co (via Bleeping Computer(opens in new tab)), where one hacker known as TarTarX claims to have live access to the hacked