TechRadar
Sead Fadilpašić

Lego fans told to change their passwords right now following serious cyberattack


BrickLink, a Lego-owned marketplace where users can buy and sell Lego parts, sets, and minifigures, has revealed it was recently a victim of a serious cyberattack.

The company confirmed the news via its forums, where it explained that its security team had been “actively managing” some limited suspicious activity since mid-October. Apparently, someone gained access to seller accounts and was selling Lego assets at “huge discounts” while “fraudulently accepting payment from buyers”.

Soon after, on November 3, the company received a “threat and ransom demand”, prompting it to shut its systems down “out of an abundance of caution”. The post did not elaborate on who made the ransomware threat, what the attackers were threatening to do, or how much money they were asking for.

Lego fan accounts risk

The admin did say that there was no evidence of system compromise. Instead, they suspect credential stuffing, thinking the attackers bought (or stole) a username/password database elsewhere and tried it on the BrickLink platform until they logged into some accounts.
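The credential-stuffing pattern described above, seen from the defender's side, as an added example that is not part of the original article or BrickLink's own tooling: it flags a source address that tries many distinct usernames with mostly failed logins inside a short window, then lists the accounts that did log in from that source. The log format, thresholds, usernames and addresses are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample login events (not real data): time, source IP, username, outcome
SAMPLE_LOG = """\
2022-01-01T10:00:01 203.0.113.7 user_a FAIL
2022-01-01T10:00:03 203.0.113.7 user_b FAIL
2022-01-01T10:00:05 203.0.113.7 user_c FAIL
2022-01-01T10:00:08 203.0.113.7 user_d FAIL
2022-01-01T10:00:11 203.0.113.7 user_e FAIL
2022-01-01T10:00:14 203.0.113.7 brickfan42 OK
2022-01-01T10:00:17 203.0.113.7 user_f FAIL
2022-01-01T10:05:00 198.51.100.20 carol FAIL
2022-01-01T10:05:20 198.51.100.20 carol OK
2022-01-01T10:06:00 192.0.2.50 dave OK
2022-01-01T10:07:00 192.0.2.50 erin OK
"""

def parse(log):
    """Turn log text into (timestamp, ip, user, success) tuples."""
    events = []
    for line in log.strip().splitlines():
        ts, ip, user, outcome = line.split()
        events.append((datetime.fromisoformat(ts), ip, user, outcome == "OK"))
    return events

def find_stuffing(events, window=timedelta(minutes=10), min_users=5, min_fail_ratio=0.8):
    """Return {source_ip: [accounts that logged in successfully from it]} for
    sources that tried many distinct usernames, mostly failing, within `window`."""
    by_ip = defaultdict(list)
    for ts, ip, user, ok in events:
        by_ip[ip].append((ts, user, ok))
    findings = {}
    for ip, evs in by_ip.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1  # slide the window forward
            win = evs[start:end + 1]
            users = {u for _, u, _ in win}
            fails = sum(1 for _, _, ok in win if not ok)
            if len(users) >= min_users and fails / len(win) >= min_fail_ratio:
                # Any success from a flagged source is an account to lock and notify
                findings[ip] = sorted({u for _, u, ok in evs if ok})
                break
    return findings

if __name__ == "__main__":
    for ip, accounts in find_stuffing(parse(SAMPLE_LOG)).items():
        print(f"{ip}: likely credential stuffing; review accounts {accounts}")
```

A single user mistyping a password (carol) and several users sharing one address (dave, erin) stay below the thresholds; attempts spread across many source addresses would need the same counting keyed on something other than IP.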

We also don’t know exactly how many accounts were compromised this way. The post only says that a “relatively small number of BrickLink accounts” were involved. Their true owners were notified of the breach. The company has now brought its systems back online, and urged its users to tighten up on security and stay vigilant. 

“Although we know that the BrickLink site was not breached, we've further strengthened our security. We take the safety of BrickLink and our members very seriously and will continue to step up security across the platform,” the post reads.

“We’ve informed people where we have reason to believe that their accounts or stores may have been impacted, and reminded members of ways they can make their accounts safer and more secure by practicing good data security”. 

Users are advised to keep their systems patched, use antivirus and endpoint security software, and create strong, unique passwords for each individual website.

Via The Verge
