The team at Neopets has acknowledged that their website has been accessed by a hacker, potentially compromising over 69 million user accounts. Hacked info includes usernames, passwords, account info, and possibly even IP Addresses.
In a statement released by the website, users are urged to change their passwords immediately. However according to PC Gamer, the hacker appears to have maintained access to the site’s inner workings. The hacker proved this by showing one user they could immediately find their account info on a freshly made account.
The hacker is selling the data for four bitcoins (Roughly $94,500), and is also selling access to the live site. The Neopets Team (TNT) has stated they’re working law enforcement and a digital forensics firm in order to secure the site and possibly seek punishment for the hacker.
You would think a pet-raising website that has been around since 1999 would be on top of site security; especially if you’re trying to get that site into NFTs and crypto.
Neopets has also recently launched a splash page for users when they come to the site in the wake of the hack, posting a warning that reads:
Important Announcement!
Neopets recently became aware that customer data may have been stolen.
We immediately launched an investigation assisted by a leading forensics firm. We are also engaging law enforcement and enhancing the protections for our systems and our user data.
It appears that email addresses and passwords used to access Neopets accounts may have been affected.
We strongly recommend that you change your Neopets password. If you use the same password on other websites, we recommend that you also change those passwords.
As our investigation continues, we will update you as appropriate. We truly appreciate your patience and understanding at this time.
Thank you.