Visitors to Lego’s website on the evening of October 4 were greeted by a suspicious banner showcasing golden coins adorned with the Lego logo, encouraging people to invest in a so-called “Lego coin.” This banner promised secret rewards to those who bought the coins. However, Lego had no plans to release any cryptocurrency, and it quickly became apparent that this was a fraudulent scheme. According to The Brick Fan, the banner led visitors to an external website selling “LEGO Tokens” using Ethereum, a clear sign of a cyberattack.
<blockquote class="reddit-embed-bq" style="height:500px" data-embed-height="396"><a href="https://www.reddit.com/r/lego/comments/1fwfp1z/legocom_hacked_by_crypto_scammers/">Lego.com hacked by crypto scammers</a><br> by<a href="https://www.reddit.com/user/mescad/">u/mescad</a> in<a href="https://www.reddit.com/r/lego/">lego</a></blockquote><script async="" src="https://embed.reddit.com/widgets.js" charset="UTF-8"></script>Hackers seemingly took over part of Lego’s site and used the platform to promote a cryptocurrency scam, targeting unsuspecting fans and buyers. Many users, including those on the Lego subreddit, raised concerns about the banner and links, noticing that the incident occurred during the nighttime at Lego’s headquarters in Denmark.
Lego reacts quickly to the hack
Although the breach happened overnight in Denmark, Lego quickly responded once alerted to the issue. The company swiftly removed the unauthorised banner and the fraudulent links. As of this writing, the Lego and Fortnite collaboration banner is back in place, and the “buy now” link has been restored to direct visitors to the correct collection of products.
Lego reassured its customers that no user accounts were compromised during the breach. The company explained that it had already identified the cause of the incident and is taking steps to ensure that a similar situation does not occur again. However, Lego did not share any details about what led to the hack or the specific measures it is implementing to prevent future attacks.
Official company statement
Lego issued an official statement regarding the incident:
“On October 5, 2024 (October 4 evening in the US), an unauthorised banner briefly appeared on LEGO.com. It was quickly removed, and the issue has been resolved. No user accounts have been compromised, and customers can continue shopping as usual. The cause has been identified, and we are implementing measures to prevent this from happening again.”
Despite the company’s swift action, the incident raises questions about website security and how even well-established brands can fall victim to cyberattacks. With more businesses moving online and handling sensitive customer information, the pressure to maintain robust security measures is higher than ever. Lego has reassured its customers that their information is safe, but it is yet to be seen what changes the company will make to fortify its digital defences.
In the meantime, site visitors can shop confidently, knowing the breach has been addressed and no personal data was affected.
