TLDR
- LEGO’s website was hacked to display a fake “LEGO Coin” cryptocurrency scam
- The scam banner was up for about an hour before being removed
- No user data was compromised according to LEGO
- LEGO has stated they have no plans for cryptocurrency or Web3 projects
- The incident highlights escalating tactics by crypto scammers targeting popular brands
On Friday, the official LEGO website fell victim to a brief hack that displayed a fraudulent cryptocurrency promotion.
The incident, which lasted for approximately an hour, showcased a banner advertising a non-existent “LEGO Coin” on the site’s homepage.
The scam attempted to lure users into purchasing the fake cryptocurrency with promises of “secret rewards.”
Visitors who clicked on the “buy now” button were redirected to an external website that requested payments in Ethereum, a well-known cryptocurrency.
LEGO, the Danish toy company famous for its interlocking plastic bricks, has never expressed interest in creating its own cryptocurrency.
In fact, the company stated in August that it would not venture into crypto or Web3 projects unless tied to a physical product.
The hack was first noticed by a LEGO fan, who quickly shared the information on social media platforms such as Reddit and X (formerly Twitter).
Hey @LEGO_Group someone popped your site and changed the main page! It directs to a crypto site to an account that is almost definitely not you guys! pic.twitter.com/JrG31zcpYX
— ZTBricks (@ztbricks) October 5, 2024
This rapid spread of awareness likely contributed to the swift removal of the malicious content.
In response to the incident, LEGO issued a statement confirming that no user accounts or personal data had been compromised.
The company reassured customers that they could continue shopping on the website as usual.
“The issue has been resolved. No user accounts have been compromised, and customers can continue shopping as usual,” the statement read.
LEGO also mentioned that they are working on enhanced security measures to prevent similar incidents in the future. This proactive approach is crucial in maintaining customer trust and protecting the brand’s reputation.
The incident highlights an alarming trend in cryptocurrency scams, where hackers are increasingly targeting well-known brands to lend credibility to their fraudulent schemes.
By exploiting the trust and recognition associated with established companies like LEGO, scammers hope to trick unsuspecting victims into parting with their money.
It’s worth noting that this type of scam is not unique to LEGO. Many popular brands and public figures have had their names or likenesses used without permission in cryptocurrency-related scams.
These fraudulent schemes often promise high returns or exclusive opportunities to entice potential victims.
The brief nature of the hack suggests that LEGO’s cybersecurity team was able to respond quickly to the threat. However, the incident serves as a reminder of the ongoing challenges faced by companies in protecting their online presence from increasingly sophisticated cyber attacks.
For consumers, this event underscores the importance of staying vigilant when encountering unexpected or too-good-to-be-true offers online, especially those related to cryptocurrencies.
It’s always advisable to verify information directly from official sources and to be cautious about clicking on unfamiliar links or providing personal information.