Hackers stole more than 170 million usernames and passwords during an attack on game developer Zynga that took place months ago.
The developer, known for creating Farmville, which can be seen below years ago and later bought Words With Friends, acknowledged in September this year that it was targeted. At the time, the company told users that the attacks are an unfortunate reality for those doing business on the Internet today.
The information has been released since 2008, the files had 87GB of information
Although she acknowledged that she was the target of the attack, the company did not say how many accounts were affected. It has now been revealed that the database stolen by hackers during the attack contained a total of 172,869,660 unique accounts.
Zynga said only to users in September: "We recently discovered that certain player account information may have been illegally accessed by external hackers. An investigation was immediately launched, third-party forensic companies were called in to help, and we contacted the authorities. "
According to the website 'Have I Been Pwned', Which monitors attacks of this kind and alerts users if their information has been stolen, the information hackers accessed in the attack on Zynga include securely stored email addresses, usernames and passwords. In some cases, Facebook IDs and phone numbers of users who provided this information to Zynga were also exposed.
The method the company uses to protect passwords involves two processes known as salting and hashing, meaning that it would take a long time and cost someone to access passwords in the stolen database.
The Hacker News website talked to the alleged attacker, known online as Gnosticplayers. He said he also stole other smaller Zynga databases, including one containing 7 million unprotected passwords for users of the already discontinued OMGPop game.
"This is just the latest in a series of attacks by Gnosticplayers that seem to be behind reputation and monetary gain," said Max Heinemeyer, director of threat hunting at cyber security company Darktrace.
Concerned users can check if their accounts were among those exposed by visiting Have I Been Pwned, which ranks Zynga's violation as the 10th largest it has cataloged and the second largest by a known name, following the MySpace attack in 2008 that exposed accounts 360 million users. This attack on MySpace was not made public until May 2016.
Source: The guardian