Zynga 2019 Data Breach

Zynga Mobile Game Developer Breach (2019): 172 Million Words with Friends & FarmVille Player Accounts Exposed | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

GnosticPlayersSocial EngineeringVideo GamesEmail AddressPasswordPhone NumberUsername
Low SeverityWebsite / service breach

Zynga Mobile Game Developer Breach (2019): 172 Million Words with Friends & FarmVille Player Accounts Exposed

Video game developer.

Verified by ObscureIQ Intelligence
12/100Breach Risk Index
5Data Value
10Market Recency
2321dSince Breach

Breach Intelligence Summary

Entity: Zynga · Actor: GnosticPlayers · Sources: 8 references
Attack: Social Engineering
Profile: Company · Mobile and social game development · Game publisher · Global
Timeline: Breach (2019-09-01) · Indexed (Dec 19, 2019) · Year (2019)
Exposure: 172.9M records · 4 fields: Email Address, Password, Phone Number, Username
Status: Confirmed

Executive Summary

Zynga, the mobile game publisher behind Words With Friends and FarmVille, suffered a breach in September 2019 when a hacker known as GnosticPlayers gained unauthorized access to one of its player databases. The attacker claimed to have downloaded records for every Android and iOS user who had installed Words With Friends before September 2, 2019. While Zynga's own public statement acknowledged the breach, independent estimates put the exposed record count at approximately 172.9 million unique accounts. The attack is believed to have involved social engineering, though Zynga has never released a detailed forensic account. The stolen data included email addresses, usernames, login IDs, and passwords stored as salted SHA-1 hashes, a format that is weaker than modern encryption standards and can be cracked with enough computing effort. Many records also contained phone numbers, password-reset tokens, Facebook IDs, and Zynga account numbers. No financial or payment data was stored on the compromised server, so credit card information was not exposed. Even so, the combination of email addresses and crackable passwords gives attackers the core ingredients for phishing campaigns, credential stuffing, and account takeover attempts, particularly against users who reuse the same password across multiple services. Zynga notified affected players and prompted password resets following the disclosure. No major regulatory action was publicly reported in the aftermath. For anyone who played Words With Friends or other Zynga titles before September 2019, the practical risk is that their login credentials may have circulated in criminal markets for years. Changing passwords on any account that shared credentials with a Zynga login remains the most important step affected users can take.

ObscureIQ assessment: Credential reuse and account takeover risk. Gaming accounts can be used for fraud, resale, or as pivot points into other linked accounts.

Breach Impact

The 2019 Zynga breach was significant because it affected a massive consumer gaming user base and exposed data that could be reused beyond the games themselves. Public breach tracking says the incident exposed about 173 million unique email addresses along with usernames and salted SHA-1 password hashes, creating a large credential set useful for password cracking, credential stuffing, phishing, and account takeover attempts across other services where users reused login information.

About Zynga

Zynga is a major mobile and social game publisher best known for titles such as Words With Friends, Zynga Poker, and FarmVille. It now operates as a wholly owned publishing label of Take-Two Interactive, with a business centered on free-to-play mobile games, live operations, and long-tail player engagement across a portfolio of casual and midcore titles.

Why They Hold Your Data

Gaming platforms collect user accounts, emails, passwords, and in-game activity data, often tied to social features.

Recent Developments

Zynga remains an active part of Take-Two’s mobile strategy and continues to run large live-service franchises and brand partnerships across its game portfolio. Recent public announcements in 2025 and 2026 highlight major updates to Top Eleven and a cross-title CBS Survivor collaboration, showing that the label is still being used to launch seasonal content, partnerships, and live-ops expansions across multiple games.

Data Points Exposed

4 verified field types
Email Address
Password Critical
Phone Number
Username

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:Critical
Primary downstream threats:
  • Credential stuffing against reused passwords across other platforms
  • SIM swap attacks where phone numbers are present
  • Targeted phishing campaigns using exposed email addresses
Threat vectors:
  • Phishing, credential stuffing & account takeover
  • Credential stuffing & account takeover
  • SIM swapping, vishing & SMS phishing
  • Cross-platform tracking & credential stuffing

Threat Actor: GnosticPlayers

GnosticPlayers
Social Engineering

Attribution and method are based on available breach intelligence. Reported attack vector: Social Engineering.

Recommended Actions

If you believe your information may be included:

Change Reused Passwords
Update this account and anywhere you reused the password; use a manager.
Password manager guide
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Find 2FA settings
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
IdentityTheft.govReport to FTC

Frequently Asked Questions

What happened in the Zynga breach?

Zynga, the mobile game publisher behind Words With Friends and FarmVille, suffered a breach in September 2019 when a hacker known as GnosticPlayers gained unauthorized access to one of its player databases. The attacker claimed to have downloaded records for every Android and iOS user who had…

What data was exposed?

Verified fields include Email Address, Password, Phone Number, Username.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
Have I Been Pwned
Record & field corroboration
Breach Index
DataBreach.com
Record & field corroboration
Cross-source
9ghz
Independent catalogue listing
Cross-source
BreachForums_Official_Index
Independent catalogue listing
Cross-source
BreachNet.pw
Independent catalogue listing
Cross-source
DataViper.io
Independent catalogue listing
Cross-source
leakfind
Independent catalogue listing
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation