Bin Weevils Meme

by

THE BEST YOUTUBER OF ALL TIME. If playback doesn't begin shortly, try restarting your device. You're signed out. Videos you watch may be added to the TV's watch history and influence TV recommendations. To avoid this, cancel and sign in to YouTube on your computer. Subscribe for more epic scooter trick montages. CRINGY INTERNET SAFETY VIDEOS.

Binweevils Memes

  • Posted 20/03/2020

Spring has Sprung in the Binscape for 2020!

Celebrate with some highly-requested Spring and Easter nest items!
Binweevils membership hack
  • Posted 20/03/2020

Garden of the Week Winner - _ren!

A weekly showcase of the best gardeners in the Binscape!
  • Posted 20/03/2020

Play Bin Weevils Game

Best Nest - Issue #390!

A weekly showcase of the best nest decorators in the Binscape!

  • Posted 13/03/2020

Garden of the Week Winner - gladdaisy4!

A weekly showcase of the best gardeners in the Binscape!
  • Posted 13/03/2020

Best Nest - Issue #389!

A weekly showcase of the best nest decorators in the Binscape!

  • Posted 06/03/2020

Garden of the Week Winner - misty-dayz!

A weekly showcase of the best gardeners in the Binscape!
  • Posted 06/03/2020

Best Nest - Issue #388!

A weekly showcase of the best nest decorators in the Binscape!

  • Posted 28/02/2020

Garden of the Week Winner - 12theron!

A weekly showcase of the best gardeners in the Binscape!
  • Posted 28/02/2020

Best Nest - Issue #387!

A weekly showcase of the best nest decorators in the Binscape!

  • Posted 21/02/2020

Garden of the Week Winner - hannmcdermot!

A weekly showcase of the best gardeners in the Binscape!

Bin Weevil Famous Memeulous

We’ve seen it before – in fact, we seem to be seeing it a lot recently – data from an old hack first being publicly leaked. This time it’s Bin Weevils, a British online children’s game, owned by 55 Pixels.

In September 2014, Bin Weevils posted a note on their site that they had discovered a “vulnerability” affecting usernames and passwords. In response, they forced a password reset and added some unspecified security features. Their note does not seem to inform users that the data were actually hacked and acquired. And based on data provided to DataBreaches.net yesterday and today, they did not fully disclose the types of information that were hacked.

Yesterday, DataBreaches.net was contacted by “ShohidzIslam,” who wrote that he had learned of a database that was now being released to the public by hackers going by the names of “Pure”, “LukeBaxter”, “Akshay”, “Tyrone” and “Philip.” A link to the data had reportedly been posted in an IRC chat.

The file, which DataBreaches.net obtained and inspected, consisted of 1,022,883 records. Each record included the user’s username, encrypted password (salt+hash), and in-game data like their pet’s ID number, pet’s name, and date of registration. A line at the top of the dump credits “jkb, legit, lukebaxter, tyrone, philip, pure, akshay.”

ShohidzIslam informed DataBreaches.net that he asked the hackers if they also had IP addresses and email addresses. In response, they provided a redacted screenshot showing all of the fields, which did include both registration and login IP addresses, as well as email addresses.

“Luke Baxter” allegedly informed him that they were reserving the full data set with the email addresses and IP addresses as they might sell all of the data privately at some future time. The 1-million record sample was to alert the public that the data were out there, but he claimed that the full data set has approximately 20 million records.

Bin Weevils Memeulous

Data in the dump were dated from 2014, which would be consistent with the incident reported in September, 2014 by Bin Weevils. Attempts to verify the data by trying to create new accounts using usernames in the dump resulted in messages that the tested usernames were already taken. Data in the redacted screenshot corresponded to data found in the data sample, although it appeared to be from a different database as the order of the rows did not match.

Evidence that the hackers have email addresses obviously raises questions about Bin Weevils’ report that the breach affected (only) usernames and passwords. Based on Bin Weevil’s About page and Privacy Policy, the email addresses are likely the parents’ email addresses. Parents might understandably want to have been informed if their email addresses with some of their children’s information had been acquired by hackers.

Memeulous Bin Weevils

DataBreaches.net sent Bin Weevils an inquiry yesterday asking them to confirm whether email addresses and IP addresses were also in the hacked database, and to confirm or deny the claim of approximately 20 million records, but has received no reply other than an auto-responder.

DataBreaches.net will update this post if additional information is obtained.

Update of August 20, 2017: DataBreaches.net received an email from a sender identifying themselves as “Akshay,” that claimed, in part:

… The information on that link I have given has the name ‘akshay’ in, who did not have anything to do with the games database being released, the name was used to blame another individual.

Club Penguin Rewritten

I have copy and pasted the lines on your website containing the name ‘akshay’ below. You was given this article by someone who was actually involved in what happened and now is trying to cover himself up and blaming others which is really sad.