Lego’s Website Hacked to Promote ‘Lego Coin’ Cryptocurrency Scam
In a stunning cyberattack, Lego’s official website was infiltrated by hackers to promote a fraudulent cryptocurrency scheme involving a fake “Lego Coin.” Visitors to the site on October 4, 2024, were met with a deceptive banner urging them to buy these bogus tokens, lured by promises of “secret rewards.”
The banner, which displayed golden coins featuring the iconic Lego logo, falsely announced the launch of “Lego Coin,” an alleged new digital currency from the company. The message read:
“Our new Lego coin is officially out! Buy the new Lego coin today and unlock secret rewards!”
Users who clicked on the banner were redirected to an external site that purportedly sold “Lego tokens.” This unauthorized site was designed to trick visitors into purchasing a non-existent cryptocurrency under the guise of an official Lego promotion.
How the Hack Unfolded
The breach took place overnight at Lego’s headquarters in Denmark. It was quickly flagged by fans on the popular Lego subreddit, with many users warning others about the suspicious activity. The malicious banner remained live for a short period before Lego’s cybersecurity team intervened.
Swift Response by Lego
Lego acted promptly to remove the fraudulent advertisement and restore its website. By October 5, 2024, the company issued an official statement confirming that no user accounts had been compromised during the incident. In a comment to Engadget, Lego reassured customers that the breach had been contained:
“An unauthorized banner briefly appeared on Lego.com on the evening of October 4, 2024. It was swiftly removed, and the issue has been fully resolved. No user accounts have been affected, and customers can continue shopping as usual.”
The company further stated that it had identified the cause of the breach and was working on additional security measures to prevent future incidents.
The Rise of Crypto Scams Targeting Brands
This breach highlights the growing threat of cryptocurrency scams that leverage well-known brand names to target unsuspecting users. By exploiting trusted websites, hackers can create the illusion of legitimacy, making their schemes more convincing. The “Lego Coin” incident is a reminder for users to stay vigilant when navigating websites, especially when encountering unusual or unsolicited promotions.
While Lego has successfully mitigated the damage from this attack, the event serves as a wake-up call for businesses to enhance their cybersecurity protocols to protect their digital platforms from increasingly sophisticated threats. This event stresses the need for ongoing vigilance in the face of evolving cyber threats. As brands continue to expand their digital presence, hackers will inevitably seek to exploit every opportunity.
Lego’s team is now focused on tightening security to ensure that such attacks don’t jeopardize the trust it has built with its global customer base.
