46 million Animal Jam accounts leaked after comms software breach
The company behind the popular kids game Animal Jam has revealed that 46 million user accounts have been leaked online after an access key for a server was lifted from one of its Slack channels. WildWorks, the parent company of Animal Jam, said it was made aware of the breach by alert database HaveIBeenPwned, which said user data had been shared on the dark web site Raidforums. SEE MORE What to d
o in case of a data breach SEE MORE AWS adds default encryption to leaky S3 buckets SEE MORE AWS plugs leaky S3 buckets with CloudKnox integration Animal Jam, which was first released in 2010, is a game aimed at kids aged between seven and 11-years old. It’s marketed to parents as a free, safe, and educational virtual space where children can design animal avatars, learn about nature, and engage with others. In a statement, Animal Jam said the hack resulted in the loss of approximately 46 million account records, which included billing data and email addresses for parental accounts, user names, encrypted passwords, and details for birthdays and player genders. The company stressed that no payment details had been accessed and that no real names had been leaked. WildWorks added that hackers had managed to access the server of a vendor it uses for intra-company communication, without naming that third-party. Slack has since confirmed to IT Pro that it was the vendor in question, but stressed this was an isolated incident and that Slack’s own infrastructure was not affected. It also said that password reuse was one likely cause of the breach. “We believe our vendor’s server was compromised sometime between Oct. 10 and 12,” the company said. “It was not apparent at the time that a database of account names was accessed as a result of the break-in, and all relevant systems were altered and secured against further intrusion.” WildWorks said it was first made aware of the breach on 11 November and is now working with the FBI and international enforcement agencies. Account holders have been forced to change their passwords as a precaution, although the company insists the leaked passwords were encrypted.
Date: 2020-11-13
itpro.co.uk
| IBM’s expanded IBM Z skills initiative will help clients hire and train apprentices for key roles (2020-11-19) | IBM today announced its expanded the IBM Z skills initiative for cultivating talent by including a new nationwide IT Infrastructure apprenticeship accelerator program Delivered in collaboration with Franklin Apprenticeships and the Urban Institute the free program will target IBM Z Ecosystem clients looking to hire new collar talent across system administrators system programmers and application d.. |
| HP Elite Dragonfly G1 review gallery (2020-11-27) | This striking 2-in-1 is lightweight sophisticated highly practical and a sheer joy to use |
| Microsoft Surface Laptop Go review gallery (2020-11-03) | The Surface Laptop Go shaves some weight cost and features off the core Surface Laptop design |
| Philips Brilliance 439P9H review gallery: (2020-11-27) | Huge and imposing - but is it any good? |
| What is Azure Database for PostgreSQL? (2019-09-30) | PostgreSQL is the most advanced open source database system and its used by a number of organisations to run mission-critical workloads including Microsofts Azure cloud service However the Azure Database for PostgreSQL is a slightly different story Known as a managed implementation of a service running on Azure cloud infrastructure Azure Database for PostgreSQL allows customers to quickly develop .. What is Azure Database for PostgreSQL? |
| Zoom tackles ‘Zoom-bombing’ with new security features (2020-11-17) | Video conferencing service Zoom has added a set of security features to help users combat Zoom-bombing attacks The new controls will help account holders remove unwanted guests and also spot if their meetings ID number has been shared online SEE MORE Twitter hackers virtual trial zoom bombed after ID leak SEE MORE Zoom review: Are we alone now? SEE MORE Zoom settles with the FTC over deceptive enc.. |
| IBM: Hackers are targeting COVID-19 vaccine ‘cold chain’ (2020-12-03) | A global phishing campaign is targeting organisations working to ensurethe temperature-controlled storage and transportation of the COVID-19 vaccine otherwise known as the cold chain The phishing campaign which was uncovered by IBMsecurity researchers was reported to have begun in September 2020 Spanning across six countries it targeted organisations associated with Gavi The Vaccine Alliances Cold.. |
| UK to review London listing rules to attract tech firms post-Brexit (2020-11-19) | Chancellor of the Exchequer Rishi Sunak has announced the launch of a new review into listing rules in an attempt to lure more tech companies to London Launched today and ledby former EU financial services commissioner Jonathan Hill the review aims to facilitate betteraccess to the finance required by businesses to grow as well as strengthen the UKs position within the global tech industry followi.. |
| Acer ConceptD CP7 CP7271KP review: Stylish and versatile (2020-11-13) | Acer has created a wood/metal aesthetic for its ConceptD workstation range so its no surprise to see hints of both in this accompanying stylish monitor Acer doesnt lose any crucial functionality: you can still adjust the height by 180mm swivel it round 360 and tilt it back a full 35 The only thing you cant do is pivot it into portrait mode but doing so would make the supplied hood fall off anyway .. |
| Brother HL-J6100DW review: An excellent choice - if you’re not in a hurry (2020-11-04) | The HL-J6100DW is larger than your average desktop inkjet but thats because it can turn out A3 prints just as happily as A4 Thats a handy trick and while the 322 price tag isnt the lowest weve seen its a lot cheaper than most A3 lasers Running costs are low too: the printer ships with standard high-yield ink cartridges which print a mono page for a penny and a colour one for 5p When these are exha.. |
