Skip to main content

Massive Words with Friends hack exposes 218 million account login details

A hacker has claimed responsibility for a massive breach of the popular mobile game Words With Friends, saying more than 218 million account logins and associated data have been stolen. The hacker, known as Gnosticplayers, told The Hacker News the data comes from Android and iOS versions of the game, and includes everything from names and email addresses, to hashed passwords, phone numbers, and Facebook identification.

Words With Friends developer Zynga released a statement on September 12 regarding a cyberattack, but did not go into the extent of the hack or the numbers involved. It set about reassuring players that it did not believe any financial information had been accessed, but that account login information had. Zynga said it had, “taken steps to protect these users accounts from invalid logins,” and that following further investigation players would be notified of any concerns.

Recommended Videos

The potential severity of the hack has only become clear after Gnosticplayers spoke to The Hacker News. Sample data shared with the site included names, email addresses, login IDs, hashed passwords, password reset tokens, phone numbers, Facebook identification, and Zynga account details. In addition to the Words With Friends hack, Gnosticplayers claimed responsibility for hacking seven million other clear text passwords for accounts from Zynga’s Draw Something and the OMGPOP game, which is no longer available.

Please enable Javascript to view this content

The breach concerns account holders that have logged into Zynga’s games up to and including September 2, 2019. Even more concerning than the hack itself, is where the 218 million or more account details may end up. Gnosticplayers has successfully hacked dozens of other websites during 2019, varying from MyFitnessPal to CoffeeMeetsBagel, and has gone on to sell the account details through the dark web. It’s entirely possible the same thing will happen with the data from the latest hack.

If you play Words With Friends, what is the next step? As with all hacks, the best thing to do is change your password immediately, and also change it on any other sites or services where it was reused. If the service is offered, it’s always advisable to switch on two-step verification, which adds an additional layer of security to some accounts. Be extra vigilant when receiving unexpected emails that claim to be from sites you use requesting details or password changes too.

Zynga has launched an investigation, is working with forensic teams, and has contacted law enforcement about the hack.

Andy Boxall
Andy is a Senior Writer at Digital Trends, where he concentrates on mobile technology, a subject he has written about for…
iPod hack puts 50 million Spotify songs in your pocket
ipod hack puts 50 million spotify songs in your pocket streaming device

When the iPod music player launched in 2001, Apple went with the slogan, “1,000 songs in your pocket.”

Skip forward 20 years and a brilliant bit of work by Massachusetts resident Guy Dupont puts 50 million songs in your pocket, streamable via Spotify.

Read more
Three charged in massive Twitter hack
Twitter Bitcoin

A 17-year-old male from Florida has been arrested for being the alleged "mastermind" behind the massive Twitter hack that targeted high profile accounts with a Bitcoin scam, according to prosecutors.

Graham Clark of Tampa Bay faces 30 felony charges in connection with the Bitcoin scam, according to Hillsborough State Attorney Andrew H. Warren. The charges include counts of organized fraud, communications fraud, and use of personal information.

Read more
Some accounts had private messages stolen in Twitter hack
Twitter symbol photo. Credits: Twitter official.

Twitter has shared more details about how dozens of high-profile accounts were accessed and used to promote a cryptocurrency scam this week.

Twitter has already revealed that around 130 accounts were targeted in the hack, including accounts of prominent political figures like Barack Obama and Joe Biden as well as cryptocurrency enthusiasts Elon Musk and other celebrities like Kanye West.

Read more