Lego fans told to change passwords after cyberattack


BrickLink, a Lego Group-owned marketplace for Lego sets and parts, suffered a cyberattack with attackers accessing some users’ accounts.

The Lego marketplace is now back online after being offline since November 3rd due to a cyberattack, BrickLink said in a recent statement. According to the company, it opted to shut down after attackers sent a ransom demand.

BrickLink explained that it was previously aware of “suspicious activity” with unauthorized sellers offering products at unrealistic discounts and taking money from duped buyers. Once the company received a ransom demand, it opted to go offline and investigate.

ADVERTISEMENT

The company’s investigation revealed that attackers may have accessed a “small number” of BrickLink accounts. The company noted that there’s no evidence that its systems have been breached.

“At this stage we believe this was a ‘credential stuffing’ incident, where someone obtains lists of usernames and passwords from a third party, often illegally, and opportunistically tries to use them on a website,” the company said.

Lego marketplace said it had informed impacted individuals.

While BrickLink maintained that its website was not breached, users still should take precautions and update their account passwords to avoid security incidents.

ADVERTISEMENT