clock menu more-arrow no yes mobile

Filed under:

Some Neopets users are locked out of their accounts following data breach

Please, my pets are starving

a starry kau with a hat hanging off a ledge Image: Neopets/Jumpstart
Nicole Carpenter is a senior reporter specializing in investigative features about labor issues in the game industry, as well as the business and culture of games.

Some Neopets users are locked out of their accounts following the massive data breach that allegedly compromised 69 million accounts in July. The good news is that these players — which include me — have not been hacked. The problem is still a little more complicated, and impacting an unspecified portion of Neopets players.

The Neopets team forced a password reset for all users on Monday, a safeguard designed to help protect users following the hack. Jumpstart, which has owned Neopets for years, posted an update on the Neopets website and social media: “As a precaution, we are taking steps to protect users’ accounts, so when you next visit Neopets, you will be prompted to change your password,” the team wrote.

Neopets players that are having problems are largely users who no longer have access to their attached email addresses, like me. In fact, I have no clue what email address my Neopets account is even attached to; I simply did not think to change the email address associated with my account because over the past few years, I’ve had no trouble logging in. It was an option, though, which means this gaffe is slightly on me.

There are seemingly tons more players in the same boat, publishing confused pleas for help and mourning their decades-old lost accounts across Facebook, Reddit, Discord, and other social media. To put it bluntly, it’s a mess of confusion among worried and also furious players. Neopets, once an immensely popular create-a-pet website, has had a contentious relationship with players for some time — particularly, owner Jumpstart. The thing is, people love Neopets and the day-to-day team that works on the site. But they’re frustrating with the overarching structure of the site, whether that’s a lack of resources or transparency.

At last count, in 2020, Neopets had a reported 100,000 daily active users. Some of the game’s most passionate players have played for decades, and they’re concerned about losing that history and access.

Jumpstart has not responded to Polygon’s request for more information.

Elsewhere in Neopets’ Monday statement, the team noted that there’s no evidence credit card information was accessed in the breach. The team also wrote that the staff is “working around the clock” to add new safety measures. Multi-factor authentication is one feature Jumpstart is working to add.