Computer Weekly

Lego fixes dangerous API vulnerability in BrickLink service

The Lego Group has moved swiftly to fix a pair of application programming interface (API) security vulnerabilities that existed in its BrickLink digital resale platform, after they were identified by ...
Bleeping Computer

LEGO BrickLink bugs let hackers hijack accounts, breach servers

Security analysts have discovered two API security vulnerabilities in BrickLink.com, LEGO Group’s official second-hand and vintage marketplace for LEGO bricks. BrickLink is the world’s largest online ...
Dark Reading

API Flaws in Lego Marketplace Put User Accounts, Data at Risk

API flaws in a widely used Lego online marketplace could have allowed attackers to take over user accounts, leak sensitive data stored on the platform, and even gain access to internal production data ...