A hacker has claimed to gain unauthorised access to a database containing the data of more than 218 million users.
Going by the alias Gnosticplayers, the hacker stated that he had breached “Words With Friends”, a popular puzzle game developed by Zynga.
According to the hacker, the breach has impacted all iOS and Android players who had installed and signed up for the “Words With Friends” game on and before September 2, 2019.
A statement by Zynga said: “We recently discovered that certain player account information may have been illegally accessed by outside hackers. An investigation was immediately commenced, leading third-party forensics firms were retained to assist, and we have contacted law enforcement.”
It is believed that no financial information has been accessed, however the company has identified account login information for certain players of “Words With Friends” and “Draw Something” that may have been accessed.
The hacker had provided The Hacker News with sample data of the stolen users’ information. The data includes their; names, email addresses, hashed password (SHA1 with salt), login IDs, phone numbers (if provided), Facebook ID (if connected) and their Zynga account ID.
The hacker has also claimed to access data to other Zynga-developed apps, including “Draw Something” and “OMGPOP” which has been discontinued.
“As a precaution, we have taken steps to protect these users’ accounts from invalid logins. We plan to further notify players as the investigation proceeds.
“The security of our player data is extremely important to us. We are working hard to address this matter and remain committed to supporting our community.”
The post #Privacy: Zynga announces data breach on “Words With Friends” app appeared first on PrivSec Report.