Closeup of a Lego Batcave set. | Image: Lego
BrickLink, the unofficial online Lego parts marketplace, is back online after several days of downtime due to a cybersecurity incident that apparently targeted some merchant accounts. The company said it received a “threat and ransom demand” last Friday, presumably in regard to company or user data, leading it to shut down the site “out of an abundance of caution.”
The site has been detecting “limited suspicious activity” since mid-October, where unauthorized sellers fraudulently attempted to collect money through unrealistically discounted listings.
BrickLink says a “relatively small” amount of accounts may have been compromised but does not see any evidence that its systems were breached. It says “credential stuffing” occurred, where…