A group called The Best YoVille Hackers took credit for stealing digital goods from less than 1,000 players of the popular game. The hackers leveraged a number of security issues to gain access to the accounts of others.
Zynga representatives are confident that the vulnerabilities have been addressed. They reassured customers that the hackers didn’t gain access to credit card details or other sensitive information, the data being stored in a separate location, VentureBeat informs
“We detected unusual activity in YoVille, and it coincided with reports from a small number of users. We analyzed the reports. We found that a small number of vulnerabilities that contributed to the unusual activity. The game team patched these vulnerabilities immediately,” Nils Puhlmann, chief security officer at Zynga, said.
The hackers used the vulnerabilities back in April when, according to one of the affected players, they were able to delete the inventory items of several users.
Zynga couldn’t fix the issues right away and as a result some of the customers were complaining that the company wasn’t acting fast enough to address the problem.
On the other hand, Puhlmann says that certain measures have been taken. Most of the stolen goods have been restored and players suspected of wrongdoings have been banned from the game.
“First and foremost, we want to thank our YoVille players and ensure they have the best experience possible. Since we first identified abnormal activity a few weeks ago, securing YoVille and restoring the games of the affected players have been our top priorities,” said Steve Lurie, general manager for YoVille.
“We quickly searched for and identified the vulnerabilities we believe attackers used to harass our players and patched them immediately. Fortunately, no sensitive player information was at risk, and our assessments indicate that fewer than 1,000 YoVille players were impacted. We will remain vigilant in our ongoing security efforts.”