Computer Weekly

Lego fixes dangerous API vulnerability in BrickLink service

The Lego Group has moved swiftly to fix a pair of application programming interface (API) security vulnerabilities that existed in its BrickLink digital resale platform, after they were identified by ...
SiliconANGLE

Unsecure bricks: API vulnerabilities found in Lego BrickLink marketplace

When most people think of the Danish company Lego A/S, it would be of toy bricks and childhood imagination. But Lego has moved into the digital age, offering a service called BrickLink, and ...
Bleeping Computer

LEGO BrickLink bugs let hackers hijack accounts, breach servers

Security analysts have discovered two API security vulnerabilities in BrickLink.com, LEGO Group’s official second-hand and vintage marketplace for LEGO bricks. BrickLink is the world’s largest online ...
PC Magazine

Bugs in Lego Resale Site Allowed Hackers to Hijack Accounts

Security researchers said that BrickLink's flaws could have enabled an attacker to access and steal personally identifiable information. Our team tests, rates, and reviews more than 1,500 products ...
The Verge

Popular Lego marketplace went offline after a ‘ransom’ demand

BrickLink went down on November 3rd after a possible security breach. Now, it’s back online and asking all users to change their passwords. BrickLink went down on November 3rd after a possible ...