Child-friendly games website Animal Jam suffered a hack that exposed 46 million user records after a staff Slack channel was compromised by malicious people who discovered a private AWS key.
Animal Jam chief exec Clary Stacey confirmed the hack after Bleeping Computer spotted information from the compromised AWS server being posted on stolen data bazaar raidforums[.]com.
At the time of writing, users of the forum were claiming to have decrypted at least part of the encrypted databases stolen.
In a statement, game developer Wildworks said: “We believe our vendor’s server was compromised some time between October 10-12, 2020. It was not apparent at the time that a database of account names was accessed as a result of the break-in, and all relevant systems were altered and secured against further intrusion. The database theft most likely occurred in the same October 10-12, 2020 time window.”
..
Support the originator by clicking the read the rest link below.