Hackers Hacked the Neopets Virtual Pet Community, Stolen 69 Million Users' Data

The hacker claimed to have stolen information from the virtual pet site Neopets, which is used by 69 million users of the service. The fact of the hack is also confirmed by messages on the official Neopets accounts on Twitter and Instagram.


Readers collected $180,000 for a fighter jet for the Armed Forces of Ukraine in 10 days (another $2.5 million is needed).  They help shoot down Russian missiles

The Twitter post said that Neopets “recently became aware of a possible theft of customer data” and hired the company to investigate. Publications in social networks did not contain additional information about the extent of the hack. However, the company recommends that all users of the site change their passwords as a precautionary measure.

On Tuesday, a hacker named TarTarX began offering data for sale on a hacker forum. He asked for a price of 4 bitcoins, which is equivalent to about $90.5 thousand. According to the hacker, the database includes usernames, email addresses, passwords, date of birth, zip code, gender and country. Thus, the leak could be used for phishing or other ways to deceive Neopets users.


Full Stack evening

Take off the task of fahivtsiv, what to practice, and check in at the right time


Full Stack evening

The hacker’s forum post also claims that they can still access the active version of the Neopets site’s database. This fact was confirmed by the owner of the hacker forum where the data was posted. If this is true, then even the precautions recommended by Neopets will not be enough to protect the user account from unauthorized access.

The Neopets site was launched in 1999 and has often suffered from security issues in recent years, especially after ownership changed from Viacom to JumpStart Games in 2014. In 2016, there was a similar leak of data from tens of millions of users, which were then sold on hacker forums. And in 2020, security researchers discovered that the site’s entire codebase was being sold because of admin credentials that were written directly into code sections discovered by hackers.

Source: The Verge

YOU CAN ALSO READ:  Explosion of bluetooth headphones while in use killed a person

Write A Comment