Webkinz World children’s game security breach leaves accounts details of 23 million users out in the open

By Digit NewsDesk | Published on 20 Apr 2020
Webkinz World children’s game security breach leaves accounts details of 23 million users out in the open
HIGHLIGHTS

Webkinz security breach leaks over 23 million account details.

Webkinz has patched the vulnerability but database leaked on hacker forums.

Webkinz is one of the most popular games for children.

Advertisements

Access Open Source Technology

Innovate w/ IBM and Discover New Open Source Technology Today. Learn More.

Click here to know more

Online children's game Webkinz suffered a security breach earlier this month that rendered details of over 23 million users out by an anonymous hacker. Webkinz World by the Canadian toy company Ganz was launched back in 2005 and is considered one of the most popular children’s games of all time.

According to a report by ZDNet, an anonymous hacker gained access to Webkinz database containing usernames and passwords of over 23 million users and leaked it on a popular internet forum. ZDNet further reports that it was able to get access to the leaked database and confirms that over 22,982,319 sets of usernames and passwords were stolen in the security breach.

The hacker used an SQL injection vulnerability on the Webkinz website to gain access to the database of registered users. The vulnerability on the website has been doing rounds of various hacker forums on the internet for quite some time now. The individuals responsible for the breach have also gained access to email addresses of parents, but this database hasn’t been leaked publically as yet. It is also unclear whether hackers have been able to access details of archived accounts as well.

However, Webkinz detected the vulnerability and has patched it to prevent further attacks on its database. In a statement, the company says, “Webkinz has never asked for last names, phone numbers or addresses and all transactions happen through our eStore, which has its own servers and accounts, which are in no way accessible through Webkinz. So even if someone was to decrypt a password, there is no information of value on the accounts beyond the game data itself."

The company is also improving its encryption techniques and is reviewing all points of entry into their system. While Webkinz hasn’t asked its users to change passwords in the wake of the security lapse, the company is currently assessing the risk and will contact users in case password changes are required.

 
logo
Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.

DMCA.com Protection Status