TechCrunch reports that the Pokemon Company has implemented password resets for some of its users' accounts following a series of hacking attempts.
Only 0.1% of targeted Pokemon accounts have been breached, according to Pokemon Company spokesperson Daniel Benkwitt, who emphasized the absence of further compromise. "The account system was not compromised. What we did experience and catch was an attempt to log in to some accounts. To protect our customers we have reset some passwords which prompted the message," said Benkwitt, who added that no action is needed among individuals who were not forced to replace their passwords. No further details regarding the incident were provided but TechCrunch suspects the likelihood of a credential stuffing attack similar to the one that impacted 23andMe last year. Such an intrusion, which facilitated access to nearly 14,000 23andMe accounts then leveraged to infiltrate millions of other users' genetic data, has resulted in widespread deployment of mandatory two-factor authentication among companies in the genetic testing space.
