Neopets Hack May Have Revealed Millions of User Passwords [IGN]

As reported by Polygon, the data breach was first reported by community site JellyNeo on July 20, with the official Neopets Twitter subsequently posting an announcement and warning (below) that recommends users change their password on Neopets and any other website where the same login information is used.

“Neopets recently became aware that customer data may have been stolen,” the post said. “It appears that email addresses and passwords used to access Neopets accounts may have been affected.”

It added: “As our investigation continues, we will update you as appropriate. We truly appreciate your patience and understanding at this time.”

Neopets recently became aware that customer data may have been stolen. We immediately launched an investigation assisted by a leading forensics firm. We are also engaging law enforcement and enhancing the protections for our systems and our user data. (1/3)

— neopets (@Neopets) July 21, 2022

Immediately following the breach, the development team said, it launched an investigation with help from a leading forensics firm, notified law enforcement, and upgraded its system and data protection. The full extent of the breach is currently unclear and the Neopets team is yet to confirm whether or not users’ credit card information has also been compromised.

The hacker allegedly offered to sell the full database and source code according to JellyNeo, for a price of four Bitcoin (around $90,000). They also offered live access to the database for an additional fee.

Ryan Dinsdale is an IGN freelancer. He’ll talk about The Witcher all day.