[BreachExchange] Over 500,000 Activision accounts hacked, Call of Duty players’ data, password at risk

Destry Winant destry at riskbasedsecurity.com
Tue Sep 22 10:30:33 EDT 2020


https://tech.hindustantimes.com/gaming/news/over-500-000-activision-accounts-hacked-call-of-duty-players-data-password-at-risk-71600755052150.html

A massive data breach at Activision has let hackers access usernames
and passwords of over hundreds of thousands of its customer accounts.
Reported by Dexerto, more than 500,000 Activision accounts have been
hacked and the user credentials have been publicly leaked for Call of
Duty players and others. Hackers are now using these details to log in
and change passwords thus preventing the actual users from being able
to access or recover their accounts.

According to TechRadar, this data breach was first reported by a
Twitter user who goes by the handle - oRemmy. This was then confirmed
by multiple content creators including Prototype Warehouse, Okami and
TheGamingRevolution.

Okami confirmed the breach in a tweet and asked users to change the
passwords on their Activision account.

“Yeah, it's legit guys. Change your Activision account passwords and
add 2FA immediately. Apparently over 500k accounts have been breached
already and it's still ongoing,” Okami tweeted.

The hackers are reportedly “generating 1,000 accounts every 10
minutes,” according to TheGamingRevolution.

Activision accounts are used by gamers for various Call of Duty (CoD)
titles, including Call of Duty Warzone, Call of Duty Modern Warfare
and Call of Duty Mobile. These accounts are also used for other
Activision games, but CoD is the most popular among them all.

The franchise is already very popular and its popularity soared,
particularly that of Call of Duty Mobile, after PUBG Mobile was banned
in India. The company is also planning to bring in the mobile version
of Call of Duty Warzone which is its only Battle Royale mode.

Now, while players and content creators have corroborated that there
indeed has been a breach, Activision has denied it.

The company told Forbes in a statement that accounts have not been
compromised and reports suggesting otherwise are inaccurate.
Activision added they recommend that players take precautions to
protect their accounts and suggested that their tips and step-by-step
instructions on how to keep one’s account safe be followed. You can
find the instructions here.

However, the only way to keep your Activision account safe is by
changing your password. The company does not offer two-factor
authentication to secure it. Additionally, as TechRadar and Dexerto
suggest, CoD players should unlink their Battlenet, PSN, Xbox Live and
any other accounts associated with their Activision account as well as
remove any payment details saved.


More information about the BreachExchange mailing list