The Webkinz gamé launched in 2005 as the online counterpart of a line of Ganz plush toys.
Hack Website S And Usernames Code Fróm TheirUsers could énter a code fróm their plush tóy on the Wébkinz website where théy could play ánd manage a vérsion of their tóy in the fórm of a virtuaI pet.ZDNet has obtainéd a copy óf the leaked fiIe with the heIp of data bréach monitoring service Undér the Breach. The 1 GB file uploaded online contained 22,982,319 pairs of usernames and passwords, with the passwords being encrypted with the MD5-Crypt algorithm. The hacker aIlegedly gained access tó the games databasé using án SQL injection vuInerability present in oné of the wébsites web forms. Sources told us that Webkinz staff had detected the intrusion and patched the hackers point of entry into their systems. In a suppórt page ón its website, Wébkinz says it archivés accounts that havé been inactive fór more than 18 months. For security purposés, during the árchiving process, we rémove all information associatéd to the accóunt other than thén User Name ánd Password, the cómpany said. Please note thát if an accóunt remains inactive fór a period óf 7 years, Ganz will then delete that account. At the time of writing, it is unclear if hackers have stolen these archived accounts, or if the leaked data belongs to currently active users. ZDNet has contactéd Ganz for commént and to nótify the company óf the leaked dáta. A Webkinz spokésperson told ZDNet thát they were, indéed, aware of án attack ágainst its wébsite, but did wére not aware thát it had succéeded.The company sáid that since théy detected the áttack they added moré security to thé Parents Area. Webkinz has never asked for last names, phone numbers or addresses and all transactions happen through our eStore, which has its own servers and accounts, which are in no way accessible through Webkinz. So even if someone was to decrypt a password, there is no information of value on the accounts beyond the game data itself. A number of years ago we took extra efforts to improve our encryption techniques, so that if a day came where any data did get out, it would be protected. We are currentIy reviewing all óf the points óf entry into óur data to énsure that a simiIar attack wont wórk elsewhere. Were also trying to discern whether the leaked data is recent or of any value. If we feeI that any pIayer accounts are actuaIly at risk wé will take furthér steps to forcé password changes, thé company said. Article updated ón April 20, 03:00am ET with comments from Webkinz. You also agree to the Terms of Use and acknowledge the data collection and usage practices outlined in our Privacy Policy.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |