Over 200 Million Words With Friends Players' Personal Details Stolen In Hack
The personal information from more than 218 million 'Words With Friends' players has been allegedly stolen by a hacker who claims to have gained access to the system of game company, Zynga.
The Pakistani hacker, known online as 'Gnosticplayers', insists that the data breach will impact all Android and iPhone users who installed and signed up for the Words With Friends' game before 2 September this year.
Gnosticplayers told The Hacker News that the stolen data includes names, email addresses, login IDs and hashed passwords as well as phone numbers and Facebook IDs (only if they were provided) alongside reset password tokens (again, if they were requested and provided).
Zynga - one of the world's most successful social game developers - admitted the data breach over a week ago when they revealed that the 'account login information for certain players of Draw Something and Words With Friends may have been accessed', but they didn't note the number of users potentially affected.
Their statement also said: "We recently discovered that certain player account information may have been illegally accessed by outside hackers.
"An investigation was immediately commenced, leading third-party forensics firms were retained to assist, and we have contacted law enforcement.
"As a precaution, we have taken steps to protect these users' accounts from invalid logins. We plan to further notify players as the investigation proceeds."
The advise for users is that you should immediately change the password for your account and also on any other services - in case you re-used the same password.
Speaking to The Next Web, Tiffany Olson Kleemann, VP of bot management at California-based cybersecurity vendor Imperva, said: "Whether or not this resulted from credential stuffing, massive data breaches like Zynga's inevitably lead to an increase in credential stuffing attacks on other websites, creating a huge spikes in bot traffic on their login screens as hackers cycle through the enormous list of credentials stolen from Zynga.
"Password dumps create a ripple effect of organizations spending precious time and resources on damage control. While it's important that individual web users have strong, secure logins, the onus is on the businesses to detect and block malicious bot traffic before large-scale password hacks can occur."
Other games belonging to Zynga are: FarmVille, Zynga Poker, Mafia Wars and Cafe World. The company is expected to be worth in the region of $5.48 billion.
Featured Image Credit: Words With Friends