Once again cyber-criminals have broken into a major firm, stealing a lot of data. This time the target was the infamous game developer, Electronic Arts (EA). After the data was gathered by the threat actors it was published on the dark-net.
A number of posts made online, claimed that hackers found their way into a pile of EA game source codes and internal tools. Mainly, the games affected include Battlefield, FIFA and The Sims.
The forum posts making the claims gathered a lot of media attention. The claims were confirmed later-on by a host of cybersecurity experts. The attack was found to have taken place on June 6th.
According to the reports, the criminals claimed to have harvested a large amount of data. Specifically, the claim made was 780GB worth of EA data. This includes the Frostbite source code that enables FIFA, Madden and Battlefield.
The cyber-criminals claim the attacks to be a success. It was revealed that they have exploited EA to their maximum capability. The hackers also claimed to have accessed development tools for FIFA 21 and the server code that power FIFA 22.
Furthermore, the threat-actors have also gained access to proprietary EA frameworks. Other software-kits ensuring a smooth gaming experience were also leaked. The large amount of sensitive data is now being sold across a number of different dark-net hacking forums.
Ignoring the forum posts that have since blew up on social media, the criminals attempted to provide proof of their work. A screenshot claiming to confirm the access to EAs data was posted on the forum. Nonetheless, the hackers have decided not to freely distribute the data. Instead, the hackers are still trying to get money for the data via underground channels.
EA admits the breach took place
As claimed by a report published by Vice, EA has since admitted that the attack took place. A statement was issued by EA concerning the widespread reports. The gaming firm confirmed that it suffered a data breach and confirmed the authenticity of the data being advertised.
A spokesperson for the company mentioned the organization is currently running an investigation. This is done to determine the exact source and extent of the breach. The company representative said that only a limited number of source codes and related tools leaked. It was also mentioned that no sensitive data was leaked.
The EA spokesman asserted players that all their data was still intact. The game company went on to talk about how there are no concerns about user privacy. The official also confirmed that EA will be upgrading its security. Improvements in technology , and better law enforcement cooperation will both safeguard the company.
Brett Callow, a notable cyber-security expect made some reflection while speaking on CNN. He discussed the potential threat that EA is facing after the data breach. The cyber-threat analyst said that this could turn out to be a disaster for the firm. Unauthorized access to such code, means that hacking software can be made more easily for their games. The same statement was made by Ekmar Ahmed from Check Point, a cyber-security company. All these threats are ignoring potential gains that competitors can make from such code.
A source code is the compiled version of computer software. In simple words, it is the simplified final version of code that is created from the code typed by developers. In context, threat actors can use this code to reverse engineer elements of the finished product.
The recent attacks are nothing new as cyber-crime keeps skyrocketing. Notably, the private sector and governmental organizations have all been recently targeted. This pains a grim picture concerning the reality. A lack of preparation for such attacks is something that will have to be looked at. Not too long ago cyber-attacks caused major destruction to fuel and meat supply.