Animal Jam Data Breach Passwords -

The hacker still has your plain text password on a hard drive somewhere. Don't make it easy for them to use it.

, a hacker successfully infiltrated a third-party communication tool (Slack) used by WildWorks employees. By stealing an internal access key, the attacker gained unauthorized entry to Animal Jam’s user databases. WildWorks was alerted to the theft on November 11, 2020, after security researchers found the database posted on the cybercrime forum RaidForums The Password Problem: Hashing vs. Plain-Text Animal Jam Data Breach Passwords

An analysis of the exposed passwords reveals some concerning trends: The hacker still has your plain text password

Unlike many corporate breaches driven by financial fraud, this breach appeared to be driven by "clout" within the hacker community. The attacker, reportedly a known figure in data breach circles, initially teased the leak and then released the data (minus the billing info) publicly on a hacking forum for anyone to download. By stealing an internal access key, the attacker

They also emphasized that they had never stored complete credit card numbers, limiting the financial damage to affected families.

If you have not changed your password since , you should do so immediately: