Key Points
- The official website of BrickLink displays a message stating that it experienced unusual activity.
- Ransom messages were reportedly sent out to many BrickLink users’ accounts.
- Apparently, hackers are demanding payments in cryptocurrency in exchange for not deleting store inventories and other items.
- BrickLink is yet to release an official statement about the incident, and there is no confirmation that the company has become a target of cyberattack.
The website of BrickLink, the world’s leading LEGO marketplace and fan community, is currently down, allegedly due to a hacking incident. The company is investigating the issue and has taken down the website as a precautionary measure.
Usually, BrickLink’s website goes under maintenance regularly, but this lasts for a few minutes only. This time, the maintenance mode has lasted for over five hours, according to Jay’sBrickBlog. Users who visited the site saw the following message:
“Bricklink is currently investigating some unusual activity, so it’s too early to speculate further. We will share more information once it’s available.”
The company posted another update on November 4 at 3:58 a.m. EST, “We continue to investigate the unusual activity. We want to make sure we take the time to investigate fully. We will be back up and running as soon as possible”.
Several BrickLink users have reported receiving or viewing ransom messages allegedly from the hacker(s). A user wrote this message on Reddit, “I saw ransom messages on the forum and now can’t access the site. Any info?”
Another user wrote that BrickLink has gone into “preventive shutdown” and that “BrickLink had 30 minutes to pay EUR 50,000 to a bitcoin account or they would start deleting inventories from big stores. The shutdown appears to be an effort to get the hackers out of the system.”
According to the messages shared by BrickLink users, Sellers and Stores accounts have been hacked, and attackers are demanding payments in cryptocurrencies in exchange for not deleting items and store inventories. Instagram user exabrickslegogo_ claims that attackers are allegedly asking €50,000 for site restoration.
BrickLink was founded by Dan Jezek in 2020. It boasts over a million members, 10,000+ seller stores in 70 countries, and hosts the BrickLink Designer Program that lets fans create personalized sets that become physical builds if they attract 10,000 votes. It became a wholly owned Lego subsidiary in 2019 but is managed as a standalone platform where fans can buy specific pieces, get instructions on models, and locate hard-to-find sets.
Since the company is yet to release an official statement, there’s no clarity on what could have happened and what data may have been compromised. BrickLink is investigating the incident but hasn’t provided any timeline for when the site will be online again. Meanwhile, BrickLink users must exercise caution and avoid clicking on links/attachments in emails or messages from unknown senders.
