If you click on a link and make a purchase we may receive a small commission. Read our editorial policy.

Neopets warns of ongoing data breach affecting 69m accounts

Hacker appears to offer live access to user database.

Neopets has suffered a serious data breach, resulting in personal information such as email addresses and passwords from over 69m accounts being leaked.

Users are now being urged to change their password for Neopets and any sites that use their Neopets password.

On Wednesday, community site Jellyneo revealed that Neopets is actively being hacked.

Eurogamer Newscast: Why are video game companies still trying to flog NFTs?

With help from an anonymous tip, they discovered the database and source code for Neopets was being sold on a hacker website. The seller was offering this access to buyers for 4 Bitcoin, which at the time of the breach was revealed was worth around $94,500.

For an additional fee, the seller was offering live access to the database, meaning that even if users changed their password, their information would still be available on the black market.

Neopets support team TNT issued a statement a few hours after the hack was publicised by Jellyneo, stating its acknowledgement of the issue in which "customer data may have been stolen". The team further stated it was investigating the hack fully and had contacted a forensics firm and law enforcement to aid the investigation. In the meantime, TNT asked users to change their password.

Payment methods are not thought to be at risk, but TNT is yet to respond to this question which is a point of concern for many of its users.

The Neopets website received an update early this morning, which repeats the previous statement from TNT to ensure users are aware of the ongoing matter.

Neopets site announcement regarding the data breach.
The information announcement added to the front page of Neopets.

At time of writing, there have been no further updates from TNT on whether financial information is at risk, the source of the hack, or whether the security flaw that allowed external access has been patched.

Users should change any passwords for sites which shared their Neopets password whilst the vulnerability is still unconfirmed to have been fixed.

Will you support Eurogamer?

We want to make Eurogamer better, and that means better for our readers - not for algorithms. You can help! Become a supporter of Eurogamer and you can view the site completely ad-free, as well as gaining exclusive access to articles, podcasts and conversations that will bring you closer to the team, the stories, and the games we all love. Subscriptions start at £3.99 / $4.99 per month.

Tagged With

About the Author

Liv Ngan avatar

Liv Ngan


Liv is Eurogamer's work experience reporter. When not playing games, she's trying to bring cats to her yard and be meme literate.


More News

Latest Articles

Supporters Only

Eurogamer.net logo

Buy things with globes on them

And other lovely Eurogamer merch in our official store!

Eurogamer.net Merch