Lego website hacked to promote 'Legocoin' cryptocurrency scam

According to Mars Finance, the Lego website suffered a security breach on October 4, and hackers replaced the website banner with a fraudulent cryptocurrency advertisement. The modified banner showed an illustration of a golden coin with the Lego logo, and falsely advertised the launch of "Lego Coin", promising "secret rewards" and urging users to buy tokens.

Visitors who clicked on the banner were redirected to an external website that sold "LEGO tokens," The Brick Fan reported. The intrusion took place at LEGO's Danish headquarters and was quickly noticed by users of the LEGO subreddit.

Lego quickly removed the unauthorized content and restored the original banner. The company confirmed the next day that no user accounts had been compromised. In a statement to Engadget, Lego said : On October 5, 2024 (late October 4, US time), an unauthorized banner ad briefly appeared on Lego.com. The banner ad was quickly removed and the issue was resolved.

"No user accounts were compromised and customers can shop as usual. The cause has been identified and we are taking steps to prevent this from happening again," the company's statement added.