Famous Lego Marketplace Went Offline after Demand for Ransom

Famous Lego marketplace went offline after a demand for ransom. BrickLink, a famous Lego marketplace reportedly went down on November 3rd after a possible security breach on its system. And now, the platform is back online and then requesting all of its users to change their passwords.

Famous Lego Marketplace Offline

Famous Lego Marketplace Offline

BrickLink, which is an online Lego parts marketplace reportedly, owned by Lego, is back online after a couple of days of downtime due to a cybersecurity incident that apparently targeted some merchant accounts on the platform. The company has stated that it got a “threat and ransom demand” last Friday, presumably in regard to firm or user data, thus leading it to shut down the site “out of an abundance of caution.”

The site in question has been detecting “limited suspicious activity” since mid-October when unauthorized sellers at the time fraudulently attempted to collect money via unrealistically discounted listings.

Small Amount of Accounts May Have Been Compromised According to BrickLink

BrickLink has stated that a “relatively small” amount of accounts may have been compromised but however, does not see any evidence that its systems were in any way breached. It says “credential stuffing” took place, where threat actors input compromised passwords from other sources in a bid to try to break into the accounts of owners on different sites.

BrickLink’s Advice to Users and Account Holders

Jay Ong, Lego reviewer and blogger, who writes for Jay’s Brick Blog, reportedly posted that they got a message from BrickLink that all users must immediately make changes to their passwords. Ong even stated that they were assured their BrickLink account was not compromised. And most notably, BrickLink does not yet offer two-factor authentication, although the company plans to integrate it in the future.



Please enter your comment!
Please enter your name here