Post by Newfie on Apr 19, 2020 13:18:37 GMT -5
Messaged Betty this morning with things I have been seeing and hearing,new statement will be released soon from Ganz.
CHANGE your passwords in WW and anywhere else that may have the same password. (Betty's suggestion)
Will post new message from Ganz when it is released. -Las
There has been an article posted about a possible data breach of Webkinz account information.
We wanted you to be aware and to have the most up to date information that has been provided.
Ganz has responded, you can see both the article and the response from Ganz below.
The link for the article about the possible breach or you can click on the spoiler, below, to show the article: LINK
GANZ RESPONSE:
Hi Everyone!!!!! DON'T WORRY!!!!
GANZ Responds to Claims of Webkinz User Data Breach
Today we were made aware of an article that claims that the user name and passwords for 23 million Webkinz accounts were accessed and made available on a hacking website.
We take these claims very seriously and are investigating them. We would like to just reiterate some facts about your accounts to calm any concern:
1) Your password and parent's email (if your parent chose to provide one) are automatically encrypted.
This means that they are transformed from the text you type into a very long string of unreadable characters - letters, numbers and symbols.
2) Webkinz account information is in no way connected to our eStore account information. There is no risk to your eStore data.
3) No addresses, phone numbers or last names have ever been collected by Webkinz at any point in our 15 years.
The security of our players' accounts is of utmost security to GANZ. We regularly update our code to ensure that we are as secure as possible.
We will be giving this a thorough investigation.
If you are concerned about the security of your account, we strongly recommend that you change your password regularly using the button on the Log In screen.
GANZ
CHANGE your passwords in WW and anywhere else that may have the same password. (Betty's suggestion)
Will post new message from Ganz when it is released. -Las
There has been an article posted about a possible data breach of Webkinz account information.
We wanted you to be aware and to have the most up to date information that has been provided.
Ganz has responded, you can see both the article and the response from Ganz below.
The link for the article about the possible breach or you can click on the spoiler, below, to show the article: LINK
Hacker leaks 23 million usernames and passwords from Webkinz children's game
Exclusive: Webkinz security breach occurred earlier this month, sources have told ZDNet.
April 18, 2020 -- 23:54 GMT
A hacker has leaked today the usernames and passwords of nearly 23 million players of Webkinz World, an online children's game managed by Canadian toy company Ganz.
The Webkinz game launched in 2005 as the online counterpart of a line of Ganz plush toys. Users could enter a code from their plush toy on the Webkinz website where they could play and manage a version of their toy in the form of a virtual pet.
The game has been one of the most successful online children's games of the past decade next to Disney's Club Penguin.
However, today, an anonymous hacker has posted a part of the game's database on a well-known hacking forum. ZDNet has obtained a copy of the leaked file with the help of data breach monitoring service Under the Breach.
The 1 GB file uploaded online contained 22,982,319 pairs of usernames and passwords, with the passwords being encrypted with the MD5-Crypt algorithm.
Sources familiar with the hack have told ZDNet that the security breach took place earlier this month.
The hacker allegedly gained access to the game's database using an SQL injection vulnerability present in one of the website's web forms.
ZDNet has learned that details about the vulnerability have been circulating online before today's leak for months, both on hacking forums and on online IM chat groups.
We've been told that besides username and password pairs, hackers were also successful in obtaining hashed versions of parents' email addresses; however, this data has not been leaked.
Sources told us that Webkinz staff had detected the intrusion and patched the hacker's point of entry into their systems.
ZDNet has contacted Ganz for comment and to notify the company of the leaked data, but we have not heard back before this article's publication.
In a support page on its website, Webkinz says it archives accounts that have been inactive for more than 18 months.
"For security purposes, during the archiving process, we remove all information associated to the account other than then User Name and Password," the company said. "Please note that if an account remains inactive for a period of 7 years, Ganz will then delete that account."
At the time of writing, it is unclear if hackers have stolen these "archived" accounts, or if the leaked data belongs to currently active users.
Exclusive: Webkinz security breach occurred earlier this month, sources have told ZDNet.
April 18, 2020 -- 23:54 GMT
A hacker has leaked today the usernames and passwords of nearly 23 million players of Webkinz World, an online children's game managed by Canadian toy company Ganz.
The Webkinz game launched in 2005 as the online counterpart of a line of Ganz plush toys. Users could enter a code from their plush toy on the Webkinz website where they could play and manage a version of their toy in the form of a virtual pet.
The game has been one of the most successful online children's games of the past decade next to Disney's Club Penguin.
However, today, an anonymous hacker has posted a part of the game's database on a well-known hacking forum. ZDNet has obtained a copy of the leaked file with the help of data breach monitoring service Under the Breach.
The 1 GB file uploaded online contained 22,982,319 pairs of usernames and passwords, with the passwords being encrypted with the MD5-Crypt algorithm.
Sources familiar with the hack have told ZDNet that the security breach took place earlier this month.
The hacker allegedly gained access to the game's database using an SQL injection vulnerability present in one of the website's web forms.
ZDNet has learned that details about the vulnerability have been circulating online before today's leak for months, both on hacking forums and on online IM chat groups.
We've been told that besides username and password pairs, hackers were also successful in obtaining hashed versions of parents' email addresses; however, this data has not been leaked.
Sources told us that Webkinz staff had detected the intrusion and patched the hacker's point of entry into their systems.
ZDNet has contacted Ganz for comment and to notify the company of the leaked data, but we have not heard back before this article's publication.
In a support page on its website, Webkinz says it archives accounts that have been inactive for more than 18 months.
"For security purposes, during the archiving process, we remove all information associated to the account other than then User Name and Password," the company said. "Please note that if an account remains inactive for a period of 7 years, Ganz will then delete that account."
At the time of writing, it is unclear if hackers have stolen these "archived" accounts, or if the leaked data belongs to currently active users.
GANZ RESPONSE:
Hi Everyone!!!!! DON'T WORRY!!!!
GANZ Responds to Claims of Webkinz User Data Breach
Today we were made aware of an article that claims that the user name and passwords for 23 million Webkinz accounts were accessed and made available on a hacking website.
We take these claims very seriously and are investigating them. We would like to just reiterate some facts about your accounts to calm any concern:
1) Your password and parent's email (if your parent chose to provide one) are automatically encrypted.
This means that they are transformed from the text you type into a very long string of unreadable characters - letters, numbers and symbols.
2) Webkinz account information is in no way connected to our eStore account information. There is no risk to your eStore data.
3) No addresses, phone numbers or last names have ever been collected by Webkinz at any point in our 15 years.
The security of our players' accounts is of utmost security to GANZ. We regularly update our code to ensure that we are as secure as possible.
We will be giving this a thorough investigation.
If you are concerned about the security of your account, we strongly recommend that you change your password regularly using the button on the Log In screen.
GANZ
