ZDNet has reported that a malicious hacker has leaked the usernames and passwords of nearly 23 million players of Webkinz World. This is an online children’s game managed by Canadian toy company Ganz. The data loss is significant given the reach of the game. The platform has been one of the most successful online children’s games of the past decade, next to Disney’s Club Penguin.
Commenting on the incident for Digital Journal, Jumio CEO Robert Prigge says: “The 23 million exposed Webkinz usernames and passwords further validates that nobody’s personal data is safe. Whether it’s a child playing a game online, a hotel guest booking a room or someone ordering from DoorDash, hackers are looking for every entry point to gain access to user data.”
The analyst notes that the era of coronavirus is leading to more people going on line, including kids. Here he warns: “As children’s education and activities have rapidly shifted online because of the current pandemic, it’s likely children are using the same usernames and passwords across multiple apps and online accounts, meaning this exposure allows hackers to gain access to more than just Webkinz.”
In terms of the general impact and lessons to be learned from the incident, Prigge notes: “It’s clear usernames and passwords can no longer be trusted to keep accounts safe, and today’s cyber-attack environment calls for a more sophisticated approach to online ID verification.”
As a more effective safeguard, Prigge recommends: “Biometric authentication (using a person’s unique biological characteristics to confirm identity) is one way to ensure only authorized users can gain access to an account, helping enterprises across industries keep their users’ data secure while keeping their business and customers protected from fraud.”