Neopets, a website where users take care of virtual made-up species of “pets,” was hacked this week.
On Wednesday, the Neopets Twitter account said it is aware that “customer data may have been stolen” and that it’s launched an investigation “assisted by a leading forensics firm.”
“We are also engaging law enforcement and enhancing the protections for our systems and our user data,” the tweet said.
Some on Jellyneo.net, a Neopet fan site, reported that the person behind the hack was soliciting a price of 4 Bitcoins (about $90,000) for the data. They speculated that about 69 million accounts were compromised.
This is not the first time the platform has struggled with hacks and security.
In 2016, millions of accounts were exposed during a hack of the site. That hack affected users’ information, according to Vice. In 2020, security researchers discovered to codebase (the code that makes up a website) of Neopets being sold on nefarious parts of the internet, according to The Verge.
Neopets on Wednesday urged users to change their passwords and passwords on other websites if they’re the same as the passwords used on the platform.
The website, which launched in 1999 and was considered a staple of the early internet days. It most recently launched a collection of NFTs.
Kalhan Rosenblatt is a reporter covering youth and internet culture for NBC News, based in New York.