Mon. Nov 18th, 2019

Zynga Data Breach Exposes 200 Million Words With Friends Players

The popular social game developer, Zynga, revealed that it was the victim of a data breach.

 

Zynga is responsible for a collection of hit games, which include FarmVille, Words With Friends, Mafia Wars, Zynga Poker, among others. And while their game development skills are on point, their breach notification skills, however, needs some work.

 

“Cyberattacks are one of the unfortunate realities of doing business today,” the company’s breach notification begins.

 

Did you cringe while reading that sentence? Yeah, so did we.

 

So what exactly happened?

 

According to The Hacker News, who first reported the breach, “a Pakistani hacker who previously made headlines earlier this year for selling almost a billion user records stolen from nearly 45 popular online services” said he managed to breach Words With Friends and access a database, which held information on more than 218 million users.

 

Even more, the hacker exclusively told the Hacker News that the breach affects Android and iOS game players who installed or signed up for Words With Friends on or before September 2nd of this year.

 

The data stolen includes:

  • Names
  • Email addresses
  • Login IDs
  • Hashed passwords, SHA1 with salt
  • Password reset token (if ever requested)
  • Phone numbers (if provided)
  • Facebook ID (if connected)
  • Zynga account ID

 

In the same breach notification, Zynga said it contacted law enforcement and is working with “leading third-party forensics firms” to further investigate the breach.