Webkinz 2020 Data Breach: 22.9 Million User Records Exposed

In April 2020, Webkinz, a popular online children's gaming platform known for letting users care for virtual pets, experienced a significant data breach. The incident saw unauthorized access to the Webkinz database, resulting in the exposure of over 22.9 million user records. Compromised information included usernames and passwords, with those passwords having been hashed using the md5crypt algorithm. This breach raised concerns among parents and long-time users who valued both the game's entertainment and the privacy of their accounts.

What Happened in the Webkinz Breach?

The Webkinz breach involved an external party gaining unauthorized access to the platform’s servers. The attackers were able to retrieve a database containing close to 23 million account records. The leaked information included the usernames registered on the platform as well as their corresponding passwords, which, while not stored in plain text, had been secured using the md5crypt hashing algorithm.

Timeline of the Incident

The breach is believed to have occurred around the beginning of April 2020 and details of the incident surfaced shortly after. The compromised data was later shared publicly online, making the scope of the breach clear to both the company and its users.

How Many Users Were Affected?

A total of 22,982,320 unique user accounts were impacted by this breach. Many of the affected accounts belonged to children and families who had used the Webkinz World platform over the years.

What Data Was Exposed?

The attackers obtained usernames and password hashes. The affected passwords were hashed using md5crypt, a legacy algorithm. No financial data, real names, or parental email addresses were reported among the compromised fields in this particular breach.

FAQ

How did the Webkinz data breach happen?

The Webkinz data breach occurred when unauthorized actors accessed the platform’s database and extracted nearly 23 million user records, including usernames and hashed passwords.

What information was leaked in the Webkinz breach?

The exposed data from the Webkinz breach included usernames and passwords secured with md5crypt hashing. No payment or personal contact information was included.

How many users were affected by the Webkinz breach?

More than 22.9 million user accounts were affected by the Webkinz data breach in April 2020.

When was the Webkinz data breach discovered?

The incident was discovered and became public knowledge in April 2020, with the unauthorized access believed to have happened at the start of that month.

How can I check if I'm in the Webkinz breach?

You can check if your information was part of the Webkinz breach by utilizing the DeHashed search engine.