cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Pokemon Company resets passwords after hackers target players

Beloved gaming company forced to lock some user accounts after detecting hacking attempts.

user icon David Hollingworth
Wed, 20 Mar 2024
Pokemon Company resets passwords after hackers target players
expand image

The Pokemon Company published an alert on its website this week, warning of an “attempt to compromise our account system”.

The company then said it had chosen to proactively block several user accounts.

“Following an attempt to compromise our account system, Pokemon proactively locked the accounts of fans who might have been affected,” the alert, now removed, read.


“If you are unable to log in to your Pokemon Trainer Club account, please reset your password following the instructions here.”

However, following the removal of the alert, a company spokesperson later explained that there was no attempt to access the Pokemon Company itself, but rather limited attempts to access some user accounts.

“The account system was not compromised. What we did experience and catch was an attempt to log in to some accounts. To protect our customers, we have reset some passwords which prompted the message,” Daniel Benkwitt, a Pokemon Company representative, told TechCrunch.

According to Benkwitt, only 0.1 per cent of access attempts were successful, but as the company had already performed a forced reset of account passwords, users’ accounts were safe.

The Pokemon Trainer Club lets members use one account to log into a raft of games, including Pokemon Go, the Pokemon Trading Card Game, and more. It’s also a popular site with children, and the club lets parents manage their game profiles.

What the Pokemon Company detected was likely a credential-stuffing attack, an attack that has the capacity to compromise many accounts in a short space of time. Australian fashion retailer The Iconic recently fell victim to a widespread credential-stuffing campaign, costing several of its customers tens of thousands of dollars.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.