UPDATE 6:35PM NST: Mandatory password updates have resumed.
Many Neopians are still experiencing issues after updating their password. So our advice remains that you wait until there has been further info from Neo to prevent a “glitch” lockout of your account. We also suggest you read the TROUBLESHOOT GUIDELINES section below.
UPDATE 3:19PM NST: Some users are reporting that despite changing their password, they are being logged out of the site after logging in after the password change. We would advise Neopians to wait to change their password until there is further information that the password reset is working correctly and players aren’t being logged out. Other users are reporting that they aren’t receiving emails to change their password. There may be a delay in receiving the email to change passwords due to the load on the system.
We will continue to keep you updated on developments.
Neopets today has posted an update on social media since July 20th on the active hack that breached Neopets databases:
We wanted to take a moment to provide you with an update since our update on July 20th.
As we previously communicated, Neopets was alerted on July 20th to activity indicating unauthorized access by a third party to portions of our IT systems. Upon investigation, we took immediate steps to shut down further access to the affected systems and we have not seen any unauthorized activity since that time.
We reported the event to law enforcement, and began working with external cybersecurity experts to investigate the event and determine what happened and what data was impacted. As a matter of course, we do not collect or store payment information and do not have evidence that it was impacted. Once the investigation has concluded, we will share additional information, as appropriate.
Our team is working around the clock, deploying additional safeguards onto our systems, including enhancing monitoring of our systems, reinforcing our security practices, and actively reviewing systems to enhance security controls and all security protocols. As a reminder, neither Neopets or its employees will ever ask for your login information. As a precaution, we are taking steps to protect users’ accounts, so when you next visit Neopets, you will be prompted to change your password. We are also currently working on adding multi-factor authentication to better safeguard your account access.
We appreciate your understanding and patience during this event and are committed to supporting the Neopets community. We invite you to reach out to us through our normal support channels with any questions or concerns you might have regarding this incident or the security of your account.
Key takeaways from this update:
- Neopets is working to introduce multi factor authentication.
- Users will be promoted to update their password on their next visit.
- Investigation is ongoing
- No payment data information has been breached
As previously mentioned it is highly advisable to use different passwords across any online accounts to have the best security across multiple platforms. Also it is advised you follow the below guidelines when selecting your password.
– Neopets struggles with passwords longer than 20 characters. Ensure your password is within this limit.
– Although desirable to use special characters in your password, Neopets on the record have stated that special characters cause issues and aren’t supported (#*& etc)
– When entering your username to reset your password, ensure you don’t use capital letters as the box is case sensitive.
– If you have been locked out of your account, we suggest you submit a support ticket via Neopets to lodgthe issue.
We will continue to keep you updated when there is further information.