You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Every Friday
GamesRadar+
Your weekly update on everything you could ever want to know about the games you already love, games we know you're going to love in the near future, and tales from the communities that surround them.
Every Thursday
GTA 6 O'clock
Our special GTA 6 newsletter, with breaking news, insider info, and rumor analysis from the award-winning GTA 6 O'clock experts.
Every Friday
Knowledge
From the creators of Edge: A weekly videogame industry newsletter with analysis from expert writers, guidance from professionals, and insight into what's on the horizon.
Every Thursday
The Setup
Hardware nerds unite, sign up to our free tech newsletter for a weekly digest of the hottest new tech, the latest gadgets on the test bench, and much more.
Every Wednesday
Switch 2 Spotlight
Sign up to our new Switch 2 newsletter, where we bring you the latest talking points on Nintendo's new console each week, bring you up to date on the news, and recommend what games to play.
Every Saturday
The Watchlist
Subscribe for a weekly digest of the movie and TV news that matters, direct to your inbox. From first-look trailers, interviews, reviews and explainers, we've got you covered.
Once a month
SFX
Get sneak previews, exclusive competitions and details of special events each month!
Neopets, a popular virtual pet-keeping browser game born of the late '90s, has been victim of a data breach. Hackers claiming to be behind the attack say they have personal account info of more than 69 million members, along with a bunch of the site's source code, and are willing to sell the data off for a fee.
The browser game has been wracked with cheaters for some time, but this just takes the biscuit. Since the site has begun associating itself with NFTs, it appears to have drawn some unwanted attention. Now, it may have gotten worse, as the company investigates a data breach where customer data may have been taken off its servers. It says usernames and passwords connected to the platform may be affected, but email addresses, Neopets users' ages, genders, countries, birth dates, and even IP addresses are allegedly being auctioned off.
The official Neopets Twitter page has posted a warning to users, with the thread strongly recommending users change their Neopets password, and any accounts that use the same password (we advise you to never use the same password for multiple sites, anyway).
It also notes that the breach is being looked into by a "leading forensics firm," though no name has been given as to which one.
Neopets recently became aware that customer data may have been stolen. We immediately launched an investigation assisted by a leading forensics firm. We are also engaging law enforcement and enhancing the protections for our systems and our user data. (1/3)July 21, 2022
The data appears to have been put up for sale on popular hacking forum, Breached.co (via Bleeping Computer), where one hacker known as TarTarX claims to have live access to the hacked database. For access to a snapshot of the database, the hacker is asking for four bitcoin (approximately $94,500). They note that they are "open to hear offers," and will accept other cryptocurrencies for the data. For an additional fee, they're offering live access to the database.
The validity of TarTarX's claims has apparently been confirmed by the hacking site's owner, pompompurin, who tried creating an account and was promptly sent their data back. What this means is the hacker may well have continued access to the data, so anyone with enough cryptocurrency to blow can allegedly watch people scramble to change their passwords and simply nab them after the fact.
If you head to Neopets' account security page, it confusingly says that "contrary to what many people claim, no one has ever "hacked into our site" and accessed user information, accounts or usernames. The ONLY means by which a user can have his/her [their, actually] account stolen by someone else is when that user inadvertently or intentionally gives out their account password."
"People like to say they have been hacked, as it makes them feel a little better than admitting they have fallen for a scam, or just simply given away their password to the first person that asked them for it. However, there are a number of things you can do to help keep your account secure."
That statement might be a little out of date now.
Best gaming PC: The top pre-built machines from the pros
Best gaming laptop: Perfect notebooks for mobile gaming
After hearing the news, I tried to delete my account through this link, but my initial attempt was met with the message above. I suspect it's something to do with the volume of people likely deleting their accounts right now.
A second attempt then finally allowed me to delete my account, and I'm sorry to be leaving but, and I suspect plenty of people (particularly parents of younger users) will be following suit.
