In brief: A sampling of user data supplied to The Hacker News confirms that names, e-mail addresses, login IDs, hashed passwords, password reset tokens (if ever requested), phone numbers (if provided), Facebook IDs (if connected) and Zynga account IDs were compromised.
Social gaming developer Zynga is the latest tech-based company to fall victim to a devastating data breach.
Serial hacker “Gnosticplayers” told The Hacker News that he managed to gain access to a database containing more than 218 million user records for the hit game Words With Friends. Specifically, all Android and iOS players that signed up for and installed the game before September 2, 2019, are impacted.
Zynga was founded in early 2007 and found massive success just a few years later with FarmVille, a game it took ownership of with its acquisition of MyMiniLife. Zynga also struck gold with other titles including Mafia Wars, Zynga Poker and the aforementioned Words With Friends.
Zynga said everything you’d expect in its statement – they immediately launched an investigation, brought in a third-party forensics firm to help and contacted law enforcement. The developer said it has also taken steps to protect affected user accounts from invalid logins. At the very least, you should go and change your Zynga password immediately.
Zynga is keeping details of the breach close to the vest, however, so for now, we’ll have to take the hacker’s word at face value.
Masthead credit: Zynga headquarters by Bjorn Bakstad