Posted   by 

Neopets 2013 Leak

This Neopets Database Leak is the biggest shocker to hit the Neopian world in quite some years. The data breach whilst causing some disquiet has largely affected only inactive accounts now purged from the system, according to Mr Czulewicz a chief revenue officer for JumpStart. The only information compromised included emails and locations,.


Neopets is an online platform where kids can take care of “virtual pets.” The website has revealed many sensitive user data online, including login credentials used for gaining access to company databases, email ids of employees, and repositories that contain proprietary code for the website.

The exposed data comprises the IP address of Neopets users, data that can be used by hackers to target Neopets visitors. John Jackson, an independent cybersecurity researcher, found the issue while he was searching Neopet’s website with his security software. The Security Ledger reports, “this is the second serious security incident involving the Neopets site. In 2016, the company acknowledged a breach that spilled usernames, passwords, IP addresses, and other personal information for some 27 million users. That breach may have occurred as early as 2013.”

A 2013 leak of old neopets accounts is not actually a particularly in-demand document and it took hours of clicking around sketchy forums with my eyes half closed. But eventually i found the download! 5 gb of neopets credentials. A hack on Neopets occurred in 2012, before the site’s acquisition by its new ownership, Jumpstart, in 2014. According to one Reddit user’s Have I Been Pwn’d notification, the data leak.

Neopet, an online pet platform, was launched in the year 1999. It allows users, mostly kids, and children to take care of virtual pets/animals and buy virtual accessories for these pets using the “Neopoint” or “Neocash,” virtual points earned in-game. Users can buy Neocash with real money or with the help of the awards. Viacom purchased Neopets for $160 million in 2005, but in 2017 it was purchased by NetDragon, a Chinese company.

“The issue appears to be related to a misconfigured Apache web server, Jackson said. Though many web-based applications are hosted on infrastructure owned by cloud providers such as Amazon, Google, or Microsoft’s Azure, leaked documents indicate that the 20-year-old Neopets website continues to operate from the infrastructure it owns and operates,” reports The Security Ledger.

Hacked accounts on sellout

Neopets 2013 leak freeNeopets 2013 Leak

According to researcher Jackson, he found that Neopets accounts were “on-sale” on a website. It led him to scan Neopet’s website using a security tool, which reported Neopets’ subdomain exposed the website data. Upon research, Jackson found the employees’ database, emails, login credentials, and complete code-base. The screenshots of the Neopets repository shared by Jackson show that the credentials were either embedded in the website’s underlying code or “hard-coded.” With the help of cybersecurity expert Nick Sahler, Jackson downloaded Neopet’s full code-base, it revealed a database, private code repositories, user IP addresses, and employee emails.


In 2012, a breach of data threatened somewhere around seventy million users, although an unconfirmed total, the ramifications for such a large number of potential victims is immense. The reason why this hasn’t been more widely publicised until now, apart from the strict Neoboard filters deciding exactly what you can say and when, is that it’s only been addressed by the Jumpstart team in an announcement on their official Facebook page last Thursday, the 5th of May. This Neopets Database Leak is the biggest shocker to hit the Neopian world in quite some years.
Leak
The data breach whilst causing some disquiet has largely affected only inactive accounts now purged from the system, according to Mr Czulewicz a chief revenue officer for JumpStart. The only information compromised included emails and locations, and not payment information or addresses associated with cards. He reaffirmed that account security was the central priority for the company, in an effort to dispel any rumours of further security compromises. Why this matters years later, in 2016 is that it highlights the ever increasing need to improve our online security, not just Neopets but everywhere.

Neopets 2013 Leak Free

If you don’t update your password and pin number regularly, you definitely should. It is recommended every 2 – 3 months, and all passwords should contain a combination of letters, numbers and symbols, and pin numbers should be randomised.
Neopets 2013 Leak

Neopets 2013 Leak Detector

In the event of another large security breach compromising accounts, making a detailed list of all current Neofriends, NC purchases and transactions, and items currently in your closet is strongly advised. If anybody has ever been on the laborious ‘request support’ page, you’ll understand why. In retrieving any data for an account, you must be able to prove the account belonged to you – and not to the hacker.
Neopets 2013 Leak

Neopets 2013 Leak Map

In the past few days, Neopets has several extra measures to keep accounts secure, those include a captcha upon accessing any user’s lookup or pet lookup, and perhaps more pertinently, a password reset for all affected players. What might seem like a temporary inconvenience for the average Neopets user, we’re assured, is a necessary measure of protection.

Neopets 2013 Leak Game