LEGO Marketplace BrickLink Hacked? Website Down After Suspected Cyberattack

LEGO Marketplace BrickLink Hacked? Website Down Amid Unusual Activity (Updated)

BrickLink confirms probing into unusual activity.

Key Points

  • The official website of BrickLink displays a message stating that it experienced unusual activity.
  • Ransom messages were reportedly sent out to many BrickLink users’ accounts.
  • Apparently, hackers are demanding payments in cryptocurrency in exchange for not deleting store inventories and other items.
  • BrickLink is yet to release an official statement about the incident, and there is no confirmation that the company has become a target of cyberattack.

The website of BrickLink, the world’s leading LEGO marketplace and fan community, is currently down, allegedly due to a hacking incident. The company is investigating the issue and has taken down the website as a precautionary measure.

Usually, BrickLink’s website goes under maintenance regularly, but this lasts for a few minutes only. This time, the maintenance mode has lasted for over five hours, according to Jay’sBrickBlog. Users who visited the site saw the following message:

“Bricklink is currently investigating some unusual activity, so it’s too early to speculate further. We will share more information once it’s available.”

The company posted another update on November 4 at 3:58 a.m. EST, “We continue to investigate the unusual activity. We want to make sure we take the time to investigate fully. We will be back up and running as soon as possible”.

LEGO Marketplace BrickLink Hacked? Website Down After Suspected Cyberattack
Bricklink website down (Screenshot:

Several BrickLink users have reported receiving or viewing ransom messages allegedly from the hacker(s). A user wrote this message on Reddit, “I saw ransom messages on the forum and now can’t access the site. Any info?”

Another user wrote that BrickLink has gone into “preventive shutdown” and that “BrickLink had 30 minutes to pay EUR 50,000 to a bitcoin account or they would start deleting inventories from big stores. The shutdown appears to be an effort to get the hackers out of the system.”

According to the messages shared by BrickLink users, Sellers and Stores accounts have been hacked, and attackers are demanding payments in cryptocurrencies in exchange for not deleting items and store inventories. Instagram user exabrickslegogo_ claims that attackers are allegedly asking €50,000 for site restoration.

LEGO Marketplace BrickLink Hacked? Website Down After Suspected Cyberattack
Ransom message received by users

BrickLink was founded by Dan Jezek in June 2000. It boasts over a million members, 10,000+ seller stores in 70 countries, and hosts the BrickLink Designer Program that lets fans create personalized sets that become physical builds if they attract 10,000 votes. It became a wholly owned Lego subsidiary in 2019 but is managed as a standalone platform where fans can buy specific pieces, get instructions on models, and locate hard-to-find sets.

Since the company is yet to release an official statement, there’s no clarity on what could have happened and what data may have been compromised. BrickLink is investigating the incident but hasn’t provided any timeline for when the site will be online again. Meanwhile, BrickLink users must exercise caution and avoid clicking on links/attachments in emails or messages from unknown senders.

Update November 5th. 4.40 pm EST

BrickLink’s website remains offline. The company is actively engaged in efforts to restore the platform and has released the following statement:

“We temporarily closed the BrickLink site due to unusual activity on Friday. Since then, the team has been working super hard to make sure we can reopen as soon as possible – and we’re getting closer to doing that. We want to assure you we’re working as fast as we can – and not getting much sleep – to restore BrickLink. Many thanks.”

BrickLink Team

Update November 6th. 4.02 pm EST

Despite BrickLink’s website remaining offline, the company has confirmed that it fell victim to a cyberattack. They stated that a ‘very small percentage’ of their accounts may have “potentially been accessed by unauthorized individuals.” Additionally, BrickLink has confirmed that the website will remain offline for a longer duration than originally anticipated.

“Our investigations so far suggest that a very small percentage of our accounts may potentially have been accessed by unauthorized individuals. We’ll be in contact with people directly soon with more details We know it’s very frustrating and we’re sorry that BrickLink will unfortunately be closed for a bit longer.”

BrickLink Team

  1. Disney+ accounts being sold on dark web marketplaces
  2. Fashion marketplace giant 21 Buttons exposes millions of users’ data
  3. Brazilian marketplace integrator Hariexpress exposed billion of records
Related Posts