• Home
  • Advertising
    • Why Advertise
    • Create Your Campaign
  • About
    • About Security on Screen
    • Privacy Policy
  • Webinars
  • Social Wall
  • Contact Us
Friday, July 1, 2022
No Result
View All Result
  • Login
  • Register

No products in the basket.

Submit News
Submit video
  • Create Your Campaign
  • Product Groups
    • Access Control
    • Biometrics
    • Physical Security
    • Smart City
    • Surveillance
    • Systems Integration
  • Cyber-Security
  • Industry sectors
    • Banking
    • Casinos
    • City Surveillance
    • Data Centres
    • Government
    • Healthcare
    • Leisure
    • Manufacturing
    • Retail
    • Schools and Campus Security
    • Transport
    • Utilities
  • Business News
    • New Technology
    • Opinion
    • People
    • Education & Events
  • Create Your Campaign
  • Product Groups
    • Access Control
    • Biometrics
    • Physical Security
    • Smart City
    • Surveillance
    • Systems Integration
  • Cyber-Security
  • Industry sectors
    • Banking
    • Casinos
    • City Surveillance
    • Data Centres
    • Government
    • Healthcare
    • Leisure
    • Manufacturing
    • Retail
    • Schools and Campus Security
    • Transport
    • Utilities
  • Business News
    • New Technology
    • Opinion
    • People
    • Education & Events
No Result
View All Result
No Result
View All Result

Animal Jam reveals data breach affecting 46 million user accounts

by James Ling
16/11/2020
in Business News, Cyber Security, PRESS RELEASE

Online children’s game, Animal Jam has been hit by a severe data breach, impacting 46 million user accounts. Developer of Animal Jam, WildWorks, stated that Animal Jam user data was stolen in connection with a recent attack on the server of a vendor it uses for intra-company communication.

The virtual world game was launched in 2010 and has approximately 130 million user and over 300 million individual avatars. The game’s database contains; email addresses connected to seven million Animal Jam and Animal Jam Classic parent accounts, 32 million player usernames associated with these accounts, encrypted passwords, 14.8 million player birth years, 23.9 million player gender records, 5.7 million precise player birthdates, 12,653 parents’ full names and billing addresses and 16,131 parents’ full names without an associated address.

The threat actor, who has posted data onto a public hacker forum, shared only a partial database containing approximately 7 million user records for children/parents who signed up for the game. WildWorks learned of the attack on 11th November when threat researchers alerted it after spotting some of the data being posted.

WildWorks has said in a statement: “We believe the information stolen was confined to the items already stated. Billing names and addresses were included in 0.02% of the stolen records; otherwise no billing information was stolen, nor information that could potentially identify parents of players.

All Animal Jam usernames are human moderated to ensure they do not include a child’s real name or other personally identifying information.”

Commenting on the attack, Boris Cipot, Senior Security Engineer at Synopsys, said: “The gaming industry is a common target for attacks, be it data theft or ransomware attacks. An interesting observation within the gaming industry is that player accounts are often high-value assets due to in-app purchases, or rewards from leveling up. In other words, gaming accounts are often items for sale – at least accounts owned by adults spending money. However, we now have proof that even educational games for children are no longer safe, but valuable resources for bad actors.”

The firm has assured that no other user data has been accessed at this time and that all user databases have since been secured. As a precaution, all players are being told to change their passwords immediately and are advised to check their data on haveibeenpwned.com as soon as possible. If account holders have created accounts at any other online service using the same password, this should also be changed immediately.

“Never, ever use a password such as ‘password’ or ‘1234567’ because you are asking for trouble,” noted Sam Curry, Chief Security Officer at Cybereason. “You would be surprised how easy some people make it for hackers to be successful. Animal Jam’s customers should also consider using a password manager because they are easy to use and safe. There are many reputable products on the market today and many are offering Free trial offers during the holiday shopping season.”

Security awareness advocates have commended WildWorks for acting proactively and transparently in investigating the incident. However, it has raised questions over how technology has become deeply embedded in daily life to the extent that even children’s games need to be linked to accounts that hold Personally Identifiable Information (PII).

“The main risk we are facing here is that for anyone re-using credentials they may fall victim to credentials spraying where their logins in this system is used against other platforms,” concluded Martin Jartelius, Chief Security Officer at Outpost24. “So, if you know you are re-using credentials, be it that you have an account on this service or not, please prioritise getting unique credentials setup per service.”

 

Tags: Cybersecurity
ShareTweetShare

Related Posts

British Security Awards announces 2022 winners
Education & Events

British Security Awards announces 2022 winners

OneQode teams with up Corero Network Security to protect customers from malicious DDoS attacks
Cyber Security

OneQode teams with up Corero Network Security to protect customers from malicious DDoS attacks

Seagate and Secure Logiq release recording of surveillance industry storage webinar
PRESS RELEASE

Seagate and Secure Logiq release recording of surveillance industry storage webinar

Euralarm releases revised study on False Fire Alarms in Europe
PRESS RELEASE

Euralarm releases revised study on False Fire Alarms in Europe

KnowBe4 kicks off ransomware awareness month with resource kit
Cyber Security

KnowBe4 kicks off ransomware awareness month with resource kit

Panasas teams up with MLCommons for advanced machine learning
PRESS RELEASE

Panasas teams up with MLCommons for advanced machine learning

Load More

The Tannery, 3a John Street, Tunbridge Wells,
Kent TN4 9RU
All enquiries: +44 (0)1892 525141

  • Home
  • Advertising
  • About
  • Webinars
  • Social Wall
  • Contact Us
No Result
View All Result
  • Login
  • Sign Up
  • Cart
  • Home
  • Why Advertise
  • Create Your Campaign
  • About Security on Screen
    • Privacy Policy
  • Webinars
  • Social Wall
  • Contact Us
  • Business News
    • New Technology
    • Opinion
    • People
    • Education & Events
  • Product Groups
    • Access Control
    • Biometrics
    • Cyber Security
    • Physical Security
    • Smart City
    • Surveillance
    • Systems Integration
  • Industry Sectors
    • Banking
    • Casinos
    • City Surveillance
    • Data Centres
    • Government
    • Healthcare
    • Leisure
    • Manufacturing
    • Retail
    • Schools and Campus Security
    • Transport
    • Utilities

© 2020 SecurityOnScreen.com

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

*By registering into our website, you agree to the Terms & Conditions and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.