- Hackers distribute a database with information about millions of players.
- Popular online game surprises with its response to data breaches
Don’t worry if you’ve never heard of Animal Jam. This is not a game for you – the target group is children from 7 to 12 years.
With over 300 million registered players, Animal Jam is a popular online game where children adopt their favorite animals and explore a colorful world.
Animal Jam likes to present itself as a safe and entertaining character, but this week we’ve learned that that doesn’t mean it can never get a safety leak.
WildWorks, the developer of Animal Jam, has confirmed that early last month a hacker broke into his system and stole 46 million records of Animal Jam.
According to a warning posted on Animal Jam’s website, the database containing the data was stolen after the attack, where the hacker hacked into a third party means of communication used by WildWorks employees and stole the access key.
Last week the Animal Jam team discovered that the stolen data had been posted on an underground hacker forum.
According to WildWorks, the database, which is distributed by hackers, contains approximately 46 million data on animal stages as follows
- The email addresses used to create about 7 million Animal Jam and Animal Jam Classic parent accounts.
- There are about 32 million player names associated with these master accounts.
- Passwords associated with these user accounts, but in encrypted form.
- 14.8 million entries include the player’s year of birth, which was entered when the account was created.
- 23.9 million records contain the gender of the player entered when creating the account.
- 5.7 million accounts contain the Player’s full date of birth, as provided for when the account was registered.
- 12,653 Parental invoices contain the full name and billing address of the parent (but no other billing details).
- 16.131 of the parent accounts contain the first and last name of the parent, without billing address.
Animal Jam may be designed for children, but the information he shared about safety violations is fresh and mature.
Not only is WildWorks not afraid to share information about the number of records released as a result of data breaches, but it also gives parents the assurance that their children’s personal information has not been compromised. Moreover, virtually no invoice details were released and even in this case there were no payment card details.
We believe that the stolen information was limited to the cases mentioned above. There are no real names of the children kept for this injury. The name and billing address were included in 0.02% of the stolen records; otherwise the billing information would not have been stolen, nor would information identifying the players’ parents. All Animal Jam usernames are moderated by an individual to ensure that they do not contain a child’s real name or other personal information.
Nobody likes privacy violations, but there is some comfort – especially as young children play animal jam.
This silver lighting on the cloud was made possible by the fact that Animal Jam was designed in the first place. WildWorks knew there was information about its young players that it didn’t want to keep, so it set up processes so it didn’t have to collect it in the first place.
Many other pirate companies could learn a lesson from the way Animal Jam dealt with his unfortunate hacking.
As a precaution, all Animal Jam players are required to change their passwords, and it is strongly recommended to choose passwords that are difficult to guess. I would like to add that you should also make sure that you do not use the same password everywhere on the internet.
WildWorks declares that it will disclose information about privacy violations to law enforcement agencies and will work closely with them to identify those responsible and bring them to justice.