Hackers hit Disney Playdom forums, compelling the animation giant to shut them down, following a breach that left numerous users' data exposed. Hackers gained access to users' usernames, email addresses, passwords and logged IP addresses of Playdom accounts.
Disney notified its users of the breach on 29 July, apologising for the security slip-up. The firm, however, assured its users that sensitive information like social security numbers and credit card information was safe as they were neither collected nor stored at the Playdom site. According to reports, over 350,000 users' data was left exposed as a result of the breach.
"On July 12, 2016, we became aware that an unauthorised party gained access to the Playdom Forum servers. We immediately began investigating the incident and discovered that on July 9 and July 12, 2016, the unauthorised party acquired certain user information from the playdomforums.com site," Disney said in a statement.
Disney also cautioned users to not fall into the password reuse trap, also warning users to be on alert for suspicious scam emails "that ask for information".
Although Disney refrained from disclosing how many user accounts were affected by the breach, it said the passwords for the affected accounts have already been "invalidated", in efforts to protect user data. Additionally, the company has launched new forums to replace Playdom "with enhanced security measures". Two other dedicated forums for players of Marvel Avengers Alliance and Star Wars Commander have also been launched.
Disney's Playdom forums appeared to be running on the older version of the vBulletin platform, the Register reported. A known vulnerability in the software also recently led to a data breach on the forums of the popular mobile game Clash of Kings. It is still uncertain if Playdom forums will be back online in the future or if Disney intends to continue with the already launched separate forums.