Further compounding the issue, some community sources reported that following the breach, hackers and third parties attempted to crack the exposed password hashes. This increased the likelihood that child-oriented accounts — many of which are protected by relatively simple passwords — could be fully compromised.
While the passwords were not leaked in plain text, they were stored as .
This is the most important technical detail for anyone affected by the breach. In the worst-case scenario, a company stores passwords in (readable, unencrypted strings). In a better scenario, they use hashing (converting a password into a fixed-length string of characters). In the best scenario, they use salted hashing (adding random data to each password before hashing it).
WildWorks sent emails to affected parents explaining what data was taken and outlining safety steps. Steps to Secure Your Account Animal Jam Data Breach Passwords
In October 2020, experienced a major data breach involving approximately 46 million user records . While the passwords themselves were cryptographically hashed (meaning they were not stored in plain text), hackers were able to access the following information:
Billing addresses and names for a small subset (~12,653 accounts). Password Vulnerability Review
The October 2020 Animal Jam data breach, stemming from a compromised third-party vendor, exposed 46 million user records containing personal data such as usernames, birth years, and parent email addresses. While WildWorks initiated a mandatory password reset following the theft, subsequent de-hashing efforts by attackers exposed approximately 1 million plain-text credentials, presenting lasting risks from credential stuffing and phishing. For a detailed breakdown of the breach, visit DeHashed . 46M accounts were impacted in the Animal Jam data breach This is the most important technical detail for
According to multiple sources, the passwords were protected using the SHA1 (Secure Hash Algorithm 1) hashing method, an older cryptographic standard that has been considered vulnerable and easily cracked by modern password cracking tools for years. While some reports indicated the use of PBKDF2 (Password-Based Key Derivation Function 2) — a stronger key derivation algorithm designed to resist brute-force attacks — there were conflicting accounts, with other sources pointing to the weaker SHA1 approach.
were compromised, including encrypted passwords and personal identifiers. This incident remains one of the largest data exposures targeting a platform primarily used by minors. 1. Incident Overview Discovery:
No full credit card details were exposed, though some billing addresses were included in specific records. 3. Password Vulnerability and Mitigation The Risk of Hashed Passwords In the best scenario, they use salted hashing
The stolen dataset included a variety of sensitive information: Usernames: Both account-specific names and real-world parent names. Passwords:
In the world of online gaming for children, few platforms have achieved the longevity and popularity of . Created by WildWorks (formerly Smart Bomb Interactive) in collaboration with National Geographic, this virtual world has attracted over 160 million registered users since its launch in 2010. However, with massive popularity comes massive risk. In late 2020, details emerged of a catastrophic data breach that exposed millions of Animal Jam accounts—including one of the most sensitive pieces of digital information: passwords .
