On Thursday, June 6th, 2021, hackers hacked into the networks of Electronic Arts, one of the world’s largest video game producers, and stole source code that was used in business titles. According to the online forum posts reviewed by CNN Business and verified by an independent cybersecurity expert, hackers claimed to have retrieved 780 gigabytes of data from EA (EA), including the Frostbite source code, which is the game tool that supports video games like FIFA, Madden, and Battlefield, among others…
The hackers claimed to have stolen software development tools for FIFA 21 and server code for player matching in FIFA 22 and claimed to have “complete power of abusing on all EA services.”
The hackers allegedly impersonated an EA employee and acquired the data using stolen cookies and EA’s slack channel. Users’ login information for numerous websites and apps is frequently saved in cookies. The hacking group’s representatives spoke with Vice’s Motherboard to discuss how they got access to the encrypted data.
Losing control over source code, according to Brett Callow, a cybersecurity specialist and threat analyst at Emsisoft might be disastrous for EA’s company. He explained that “source code might possibly be duplicated by other developers or utilized to construct game hacks.”
“Anytime source code is released, it’s bad,” Ekram Ahmed, a spokesman for cybersecurity firm Check Point, said. “Hackers can go through the code, find deeper holes to exploit, and sell that earlier code to hostile threat actors on the dark web.”
According to an EA spokesman, the intrusion did not impact player data.
“We’re looking into a recent network attack in which a small quantity of game source code and related tools were taken,” an EA spokesman stated. “We have no reason to believe that any player data was obtained, and we have no cause to believe that there is any risk to player privacy; we’ve already taken security changes as a result of the event, and we don’t foresee any impact on our games or our company. As part of this continuing criminal investigation, we are actively collaborating with law enforcement officers and other specialists.
Vice was the first to report on the data leak, citing some of the same forum entries. EA’s announcement comes in reaction to the breach disclosed by Vice, according to an EA spokeswoman.
The intrusion occurs at a time when cyber assaults are once again gaining traction, with ransomware assaults affecting major infrastructure businesses such as JBS USA, a meatpacking company, and Colas, a petroleum distributor colonial pipeline.
According to the representative, the EA breach was not a ransomware assault.
So let’s wait for the response on how gaming giant can retrieve their data and we hope not to see these kinds of mishaps in the future.