9.7 C
New York
Thursday, April 25, 2024

Buy now

Neopets warns of ongoing data breach affecting 69m accounts

A Neopet.

Neopets has suffered a serious data breach, resulting in personal information such as email addresses and passwords from over 69m accounts being leaked.

Users are now being urged to change their password for Neopets and any sites that use their Neopets password.

On Wednesday, community site Jellyneo revealed that Neopets is actively being hacked.

Watch on YouTube

Eurogamer Newscast: Why are video game companies still trying to flog NFTs?

With help from an anonymous tip, they discovered the database and source code for Neopets was being sold on a hacker website. The seller was offering this access to buyers for 4 Bitcoin, which at the time of the breach was revealed was worth around $94,500.

#Neopets actively being breached, over 69 million accounts affected, live database access offered for sale on black market. Read more here: https://t.co/UdP9C5XVUo

Will update once TNT posts an update confirming that this access has been closed.

— Jellyneo.net (@jellyneo) July 20, 2022

To see this content please enable targeting cookies.

For an additional fee, the seller was offering live access to the database, meaning that even if users changed their password, their information would still be available on the black market.

Neopets support team TNT issued a statement a few hours after the hack was publicised by Jellyneo, stating its acknowledgement of the issue in which “customer data may have been stolen”. The team further stated it was investigating the hack fully and had contacted a forensics firm and law enforcement to aid the investigation. In the meantime, TNT asked users to change their password.

Neopets recently became aware that customer data may have been stolen. We immediately launched an investigation assisted by a leading forensics firm. We are also engaging law enforcement and enhancing the protections for our systems and our user data. (1/3)

— neopets (@Neopets) July 21, 2022

To see this content please enable targeting cookies.

Payment methods are not thought to be at risk, but TNT is yet to respond to this question which is a point of concern for many of its users.

The Neopets website received an update early this morning, which repeats the previous statement from TNT to ensure users are aware of the ongoing matter.

Neopets site announcement regarding the data breach.
The information announcement added to the front page of Neopets.

At time of writing, there have been no further updates from TNT on whether financial information is at risk, the source of the hack, or whether the security flaw that allowed external access has been patched.

As of today, there have been no further updates by @Neopets regarding the breach and whether it has been patched yet or not.

If youre just tuning in, the best thing you can do right now is make sure any *other* sites you share passwords with are updated with unique passwords. https://t.co/WeThcX6qjn

— Jellyneo.net (@jellyneo) July 22, 2022

To see this content please enable targeting cookies.

Users should change any passwords for sites which shared their Neopets password whilst the vulnerability is still unconfirmed to have been fixed.

Related Articles

Latest Articles