Mobile Game Maker Zynga was Breached

Gnosticplayers, a well-known hacker claimed he gained access to 218 million user records at the mobile game maker Zynga.

On Sept. 12, Zynga reported that a cybersecurity incident had taken place and account login information for certain players of Draw Something and Words With Friends may have been accessed. The company did not give any details on the hack or number affected, but said it has taken steps to protect the accounts in question.

The Hacker News said it has been in contact with the hacker Gnosticplayers, who claimed to have gained entry to a database of more than 218 million game players and gave the news organization some samples on the stolen data. The hacker said the data is from all Android and iOS players who signed up for Words with Friends before September 2 and includes:

  • Names
  • Email addresses
  • Login IDs
  • Hashed passwords, SHA1 with salt
  • Password reset token (if ever requested)
  • Phone numbers (if provided)
  • Facebook ID (if connected)
  • Zynga account ID

Gnosticplayers is well known for stealing and then selling data. In February he posted 93 million stolen records for sale on the dark web, followed by another 26 million in March, with yet another dump of 139 million records in May.

Source: SC Magazine