FunPlus

FunPlus, also known as the developer behind the mobile game Family Farm Seaside, is a company headquartered in China that focuses on creating and publishing mobile games. The organization's primary product is Family Farm Seaside, a title available on mobile platforms. The company is known for this specific game, and no other products are mentioned in the available information. The business operates within the competitive mobile gaming industry, targeting users who engage with games on smartphones and tablets. FunPlus's market presence appears centered on this single game, though the extent of its user base beyond the 3.3 million email addresses exposed in a breach is not detailed. The company's development and publishing activities are conducted from its Chinese headquarters, aligning with trends of gaming studios in the region serving global audiences through mobile applications. No evidence suggests involvement in other sectors or diversification beyond mobile game development.

In January 2017, FunPlus experienced a significant security incident where an unauthorized hacker compromised systems related to Family Farm Seaside. The attacker successfully stole user account information, including email addresses and usernames, along with game progression data, affecting over 3.3 million accounts. Additionally, the hacker claimed to have obtained approximately 16GB of product source code and allegedly attempted to extort the organization, though the motive was disputed. Importantly, the breach did not compromise passwords or financial information because the game utilized Facebook-linked authentication, which isolated those credentials from the compromised systems. Following the incident, FunPlus acknowledged the unauthorized access to email addresses and advised users to update passwords for accounts associated with their game email. The company engaged both internal and external security teams to investigate the intrusion, address vulnerabilities, and mitigate further risks. This event highlights a past security challenge for the organization, though no subsequent incidents are documented in the provided information. The response demonstrated an effort to contain the breach and communicate with affected users, consistent with standard incident management practices.