69 million users’ accounts are at risk as virtual pet website Neopets has fallen victim to a massive hack.
An official announcement was made by Jump Start Games on the Neopets Twitter page yesterday, as they reveal that the still popular virtual pet website has been hacked. Users are being advised to change their passwords, as their email addresses and passwords may have been affected.
“Neopets recently became aware that customer data may have been stolen. We immediately launched an investigation assisted by a leading forensics firm. We are also engaging law enforcement and enhancing the protections for our systems and our user data”, they explain on social media.
While Neopets are suggesting you change your passwords and details, Jellyneo.net, a popular Neopets community, is advising instead to make sure the password you use for the website isn’t used with any other websites you may frequent.
The hack was initially discovered by the community website JellyNeo earlier in the week. And although the team at Neopets hasn’t shared any exact details about what’s happening, Bleeping Computer has discovered that a hacker named ‘TarTarX’ may be responsible.
Talking to Bleeping Computer, the hacker TarTarX explains that they “stole the database and approximately 460MB (compressed) of source code for the neopets.com website.”
TarTarX posted to a Hacker forum that they are selling the source code and database for the virtual pet website for four Bitcoins, which is approximately £77,921 GBP with today’s exchange rates.
The hacker continued to explain to the website that the database they’re selling contains the information of over 69 million members’ accounts. Which includes a lot of identifying data, such as their usernames, names, email addresses, date of birth and passwords.
This isn’t even Neopets first hack
This recent Neopets hack isn’t the first the virtual pet website has had to deal with.
Back in 2016, breached data taken from the Neopets website was discovered being circulated online.
Neopets took to their official Facebook page many years ago to announce that “recent reports that have come to our attention regarding an alleged data breach to our Neopets’ account database in which a large amount of information from player accounts may have been leaked to third parties. To be clear, this is specific to the Usernames, Passwords, Email Addresses, Birthdates, and Countries tied to player accounts.”
During that time, tens of millions of user accounts were compromised and distributed online. And upsettingly, some Neopets users took this hack as an opportunity to access other users’ accounts to trade rare Neopets, items and even in-game currency.
So far, the tweet posted above by Neopets is still the most recent update from the site itself.
If you’re a Neopets user, please keep up to date with the hack via the Jellyneo.net and Neopets Twitter pages.
Be sure any password you used for your Neopets account, isn’t used anywhere else. And if it is, get to changing those passwords asap.
I hope the issue gets resolved soon so you all regain access to your Neopets, and can yet again get a free daily omelette from the Giant Omelette in Trannia. If that’s still a thing.
Feature Image Credit: Jump Start Games. Source: Bleeping Computer.