Pakistani hacker breaches Words with Friends

Zynga is a wildly successful gaming company with a number of hit titles under their belt including FarmVille, Words with Friends, Zynga Poker, Mafia Wars, and Café World.

Their titles boast more than a billion players, worldwide, which is a number that would make most gaming outfits green with envy.

Naturally, their success has painted a giant target on the company. Recently, a Pakistani hacker going by the alias Gnosticplayers has claimed that he successfully breached Words With Friends and made off with a massive database containing information on more than 218 million users.

It doesn't appear to be an idle boast.  Recently Zynga acknowledged that they had been breached and that a variety of data was stolen from certain players of Draw Something and Words With Friends.

For his part, Gnosticplayers has been quite forthcoming, even providing The Hacker News with a sample of the stolen data, which includes:

  • Player name
  • Email address
  • Login ID
  • Hashed password
  • Password reset token (if present)
  • Facebook ID (if connected)
  • User Zynga account ID

He also boasted that he made off with data belonging to some 7 million Draw Something users, and in this case, revealed that the data he stole contained plain text passwords.

Zynga issued a statement which reads

"An investigation was immediately commenced, leading third-party forensics firms were retained to assist and we have contacted law enforcement. As a precaution, we have taken steps to protect these users' accounts from invalid logins.  We plan to notify players as the investigation proceeds further."

Our perspective

If you play either Words With Friends or Draw Something, you should change your password immediately and be on the lookout for phishing scams aimed at you in a bid to try and extract even more information from you.

As Hill Street Blues' Sgt. Esterhaus always advised: "Hey, let's be careful out there!"

Meanwhile, check out this report

This free executive report may give you insights into how to build your business with safe IT environments: 10 Hidden IT Risks That Might Threaten Your Business and 1 Easy Way to Find Them

The author

Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPia Blogs. I am also available on LinkedIn, Facebook, and Twitter.

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT SupportI am Denis Wilson, President and Principal Consultant for DWP Information Architects. I help professionals grow their business by building a foundation of rock-solid information solutions for smaller healthcare, insurance, financial, legal, and nonprofits firms in Ventura County and San Fernando Valley. And have created cost-effective IT solutions, for over 20 years, specializing in cybersecurity and regulatory compliance. I am also a published author and speaker, working extensively with a variety of organizations, as well as providing small business technology education programs through business and professional associations. This just in: I will be speaking regularly at California Lutheran University's Center for Nonprofit Leadership starting in September.

Contact me if you would like me to speak at your association.