Hi Growtopians,

Thank you very much for your patience over the last few days as we have worked to return services to normal. The issues are related to a recent security incident which resulted in the server rollback. While all password information is encrypted, we encourage any players concerned about the security of their account to change their passwords as a security precaution.

How did this happen?
  • Unfortunately the Hamumu website was hacked and as a result hackers gained access to their email address and Growtopia account.
  • Through this they were able to access Growtopia services and subsequently deleted some of the “worlds’ data” which is why we performed the rollback yesterday.
  • Additionally, it was discovered that they gained access to some mod accounts and we are continuing to investigate this on a case by case basis.

I lost my items, what do I do?
  • All the items created and traded during the rollback period are now gone and unfortunately we cannot give them back. We are sorry about this and for any inconvenience, this may have caused.
  • If some items are missing that were obtained before the 10th of December at around 16:36 (server time), please contact the support team.

Were banned players unbanned during this incident?
  • No they were not, however it seems some did try login, which is why they may have appeared as online in your friend list.

Were the mods hacked?
  • Yes, some mods had their passwords changed due to this exploit. The investigation is still in progress but their accounts have been restored.

Are our accounts secure?
  • Your passwords are encrypted. We are still investigating the extent of this incident and we will provide you with updates as soon as we have more. In the meantime, if you are concerned at all about the security of your account we encourage you to change your password.

Did the hacker have access to the Beta database? I saw screenshots of this, is the information secure?
  • Old Beta log files were accessed, however these did not contain sensitive information.
  • FYI, all game passwords are encrypted, on both the Beta and Live servers.

Why hasn't support answered my email?
  • Sorry about that! As you can imagine, after a rollback our support system gets a lot of requests. We're working as fast as we can to catch up, so we will be in touch with you as soon as we can.
  • We are answering them in the order that we received them, so if you’ve already been in touch we will respond to your initial email, no need to follow up.

What action will be taken against those who did this
  • In line with our policies, we will be taking strong legal actions against anyone who tried to breach and disrupt the player and community experience.

Thanks again for your patience and understanding throughout this and if you see any suspicious behavior be sure to contact us.

Please use this thread to share your feedback.

The Growtopia team.