Breach and Leak Report: Club Penguin Rewritten (CPRewritten) was breached two times in 2018 and 2019; it is for children's gaming, so it leaked millions of underages' emails and personal data.
Learn how to check breach in 5 minutes |
Tips about Data Breach |
By Jackson White | Back to Breach List |
Disclose quickly CPRewritten did its best to keep accounts and their data safe. The website disclosed the hacking on the first day. They contacted victims and forced them to change passwords and re-login.
Change password All passwords are saved as high-standard Bcrypt hash, which should be safe temporarily. However, the algorithm isn't a magic shield and might be decrypted by attackers with enough time on their hands. So, users have to update the password; the earlier, the safer.
Help underage victims As for leaked emails and other personal information, CPRewritten doesn't have a settlement plan. Parents and adults have to keep an eye on young victims from cybercriminals driven by the leaked private data.
We agree that the company's actions have made considerable progress compared with the previous breach. In January 2018, CPRewritten suffered the first data breach that exposed about 1.7 million unique email addresses. The company hid it from the public until HIBP announced it more than a year later, in April 2019.