Zynga experienced a data breach after a hacker called 'Gnosticplayers' stole users' sensitive information.
Zynga's titles boast more than a billion players, worldwide, which is a number that would make most gaming outfits green with envy.
Naturally, their success has painted a giant target on the company. Recently, a Pakistani hacker going by the alias Gnosticplayers has claimed that he successfully breached Words With Friends and made off with a massive database containing information on more than 218 million users.
However, it doesn't appear to be an idle boast. Recently Zynga acknowledged that they experienced a breach and that a variety of data extracted from individual players of Draw Something and Words With Friends.
Furthermore, Gnosticplayers has been quite forthcoming, even providing The Hacker News with a sample of the stolen data, which includes:
- Player name
- Email address
- Login ID
- Hashed password
- Password reset token (if present)
- Facebook ID (if connected)
- User Zynga account ID
He also boasted that he made off with data belonging to some 7 million Draw Something users, and in this case, revealed that the data he stole contained plain text passwords.
Zynga issued a statement which reads, in part, as follows:
"An investigation was immediately commenced, leading third-party forensics firms were retained to assist and we have contacted law enforcement. As a precaution, we have taken steps to protect these users' accounts from invalid logins. We plan to notify players as the investigation proceeds further."
Besides, you should change your password immediately if you've played Words With Friends or Draw Something. Be aware of phishing scams aimed to try and extract even more information.