1. Forum
  2. HobbyNet
  3. HNET LEGO

  • Lego fans told to change their passwords right now following seri

    From TechnologyDaily@1337:1/100 to All on Thu Nov 9 13:00:05 2023
    Lego fans told to change their passwords right now following serious cyberattack

    Date:
    Thu, 09 Nov 2023 12:51:34 +0000

    Description:
    Someone has been selling other people's Lego assets on BrickLink, forcing the company to temporarily pause its services.

    FULL STORY ======================================================================

    BrickLink, a Lego-owned marketplace where users can buy and sell Lego parts, sets, and minifugures, has revealed it was recently a victim of a serious cyberattack.

    The company confirmed the news via its forums, where it explained that its security team was actively managing some limited suspicious activity since mid-October. Apparently, someone gained access to seller accounts and was selling Lego assets at huge discounts while fraudulently accepting payment from buyers.

    Soon after, on November 3, the company received a threat and ransom demand prompting it to shut its systems down out of an abundance of caution. The
    post did not elaborate who made the ransomware threat, what the attackers
    were threatening with, or how much money they were asking for. Lego fan accounts risk

    The admin did say that there was no evidence of system compromise. Instead, they suspect credential stuffing, thinking the attackers bought (or stole) a username/ password database elsewhere and tried it on the BrickLink platform until they logged into some accounts.

    We also dont know exactly how many accounts were compromised this way. The post only says that a relatively small number of BrickLink accounts were involved. Their true owners were notified of the breach. The company has now brought its systems back online, and urged its users to tighten up on
    security and stay vigilant.

    Although we know that the BrickLink site was not breached, we've further strengthened our security. We take the safety of BrickLink and our members very seriously and will continue to step up security across the platform, the post reads.

    Weve informed people where we have reason to believe that their accounts or stores may have been impacted, and reminded members of ways they can make their accounts safer and more secure by practicing good data security.

    Users are advised to keep their systems patched, use antivirus and endpoint security software, and create strong, unique passwords for each individual website.

    Via The Verge More from TechRadar Pro Many businesses don't even know they've been hit by a security breach Here's our list of the best firewall for online protection today These are the best malware removal tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/lego-fans-told-to-change-their-password s-now-following-cyberattack

    --- Mystic BBS v1.12 A48 (Windows/64)
    * Origin: Mystic Hobbies BBS, mystic-hobbies.com (1337:1/100)