Neopets hit with massive data breach that could jeopardize millions of accounts

It might be time to check on your Kacheek.

Several Neopets stand together in front of a purple background.
Image via Neopets

A recent data breach has affected Neopets, one of the beacons of early 2000s internet culture, that could compromise the personal information of millions of user accounts.

Neopets help and news website Jellyneo received a tip yesterday that a hacker broke into the Neopets database, which would give them access to users’ account names, passwords, email addresses, IP addresses, and more. The database information and the site’s source code were then reportedly offered for sale on a forum, with the hacker asking for four bitcoin (roughly $94,000) in exchange. Jellyneo estimates that over 69 million accounts may have been compromised in the hack. It’s unclear whether payment methods and Neocash transactions were affected.

Following the tip, the official Neopets Twitter account confirmed the breach and started an investigation into the hack with a forensics firm and local law enforcement. A follow-up tweet encouraged users to change their Neopets password and make sure they aren’t using that password on any other websites or services. The Neopets team promised to keep users updated with the investigation’s findings.

Neopets was a staple of early 2000s online web games and forum communities. Users could adopt and raise virtual pets, play Flash games, and interact with a huge worldwide community through the website. The site has changed hands several times since its launch in 1999 and has been involved in some questionable activities recently, including the promotion of Neopets-themed NFTs last year. The site has always had issues with hackers and was the subject of another large breach back in 2016, which also affected millions of accounts.