Computer Weekly

Lego fixes dangerous API vulnerability in BrickLink service

The Lego Group has moved swiftly to fix a pair of application programming interface (API) security vulnerabilities that existed in its BrickLink digital resale platform, after they were identified by ...
SiliconANGLE

Unsecure bricks: API vulnerabilities found in Lego BrickLink marketplace

When most people think of the Danish company Lego A/S, it would be of toy bricks and childhood imagination. But Lego has moved into the digital age, offering a service called BrickLink, and ...
Bleeping Computer

LEGO BrickLink bugs let hackers hijack accounts, breach servers

Security analysts have discovered two API security vulnerabilities in BrickLink.com, LEGO Group’s official second-hand and vintage marketplace for LEGO bricks. BrickLink is the world’s largest online ...
Dark Reading

API Flaws in Lego Marketplace Put User Accounts, Data at Risk

API flaws in a widely used Lego online marketplace could have allowed attackers to take over user accounts, leak sensitive data stored on the platform, and even gain access to internal production data ...
The Verge

Popular Lego marketplace went offline after a ‘ransom’ demand

BrickLink went down on November 3rd after a possible security breach. Now, it’s back online and asking all users to change their passwords. BrickLink went down on November 3rd after a possible ...