Online Kids’ Game Animal Jam Is Breached, 46 Million Accounts Exposed

Data breaches have become part of our everyday reality affecting governments, businesses, and individuals alike. In this blog post series, we take a look at recent breach incidents, analyse how they happened, and examine what can be done for your protection.

What Happened?

WildWorks, the company behind the popular kids game Animal Jam, reported that approximately 46 million of its users’ accounts were compromised in a recent data breach. The accounts were leaked online after an access key for a server was lifted from one of its Slack channels. In a post announcing the data breach on the Animal Jam website, WildWorks said that it: “has learned that a database containing some Animal Jam user data was stolen in connection with a recent attack on the server of a vendor WildWorks uses for intra-company communication.”

What Information Was Involved?

The full list of data exposed in the breach includes:

  • Approximately 7 million email addresses used to create Animal Jam and Animal Jam Classic parent accounts
  • 32 million usernames associated with parent accounts and passwords 
  • 23.9M records including the gender the player
  • 14.8M records including the birth year the player entered at account creation
  • 5.7M accounts including the full birthday the player entered at account registration
  • 16,131 of the parent accounts including a parent’s first and last name, without a billing address
  • 12,653 of the parent accounts including a parent’s full name and billing address

What Are the Risks to You?

Aside from the fact that your own info can be sold on the dark web making identity theft and fraud against you a distinct possibility, the situation is more concerning when your child’s sensitive data is exposed.   

These are just a few things a bad actor can do if they get your child’s contact details:   

  • Solicit Personally Identifiable Information that can be used to commit identity theft or other cyber crimes against your child or you personally. 
  • Trick children into clicking phishing links or installing malware on computers that leads to stealing credentials and other valuable personal information.  
  • Pretend to be a kid and contact your child in an attempt to arrange an on- or offline meeting.   

Is There Anything You Can Do?

Cyber criminals may be smart, but you and your children can be smarter. These online safety tips can help.

  1. Talk with your child about their online activity: As soon as your kids venture online, educate them about healthy behaviours and possible online threats. Discuss what they are reading, watching, and which sites they’re using.


  2. Monitor what your kids are doing online: When you let your children get their own email address, set up social media accounts, play online games and use the internet, check in regularly on what they’re doing. Let them know you  monitor their devices and make sure they understand that it’s about safety, not snooping.


  3. Know who your children’s online friends are: Teach your kids to be cyberwise from an early age and explain to them that some people online aren’t who they say they are. Make sure you become friends and contacts within your child’s social media circles and monitor their posts. Your children may resist, but you need to explain to them that it is one of the conditions for their online access.


  4. Stay on top of information shared online: If children don’t understand how information is shared, there’s a good chance they may unintentionally reveal too much. Get familiar with the websites your kids visit, the social media they use, and the apps they download. Read reviews and check out the site’s terms and conditions to see what kind of information the platform tracks and stores.


  5. Keep control of your family’s digital footprint: Every picture and personal detail that is posted and shared on social media and the internet contributes to a digital footprint. Once information is shared publicly, it can be used in ways you may not expect and cannot control. One of them is profiling, a technique very popular among people-search sites that collect your personal information scattered on the internet. They use this information to enhance the profile they already have on you and then sell it to anyone willing to pay for it. Consequences of having your information sold include increased spam, identity theft, fraud, and stalking.

Teach your child to stay in control of their digital footprint, by only sharing with people who they know and trust. The same goes for you – don’t overshare information or post too many pictures of you and your kids online

Stay Informed

Obviously, no parent can stop hackers from breaching databases and stealing their children’s information. You can, however, set a good example of wise online behavior for your kids. Start monitoring what’s happening with your own personal information before the damage becomes irreparable. Sign up for OneRep’s 5-day trial to build up your protection from fraud.

Remove your sensitive info from the web

OneRep’s algorithm scans 196 data brokers and removes your records from all people-search sites that publish them

Iryna Slabodchykava

Content Strategy Manager at OneRep | LinkedIn