[BreachExchange] EA data released on internet after hackers' extortion attempts fail

Sophia Kingsbury sophia.kingsbury at riskbasedsecurity.com
Thu Jul 15 11:04:40 EDT 2021


https://www.msn.com/en-nz/news/world/ea-data-released-on-internet-after-hackers-extortion-attempts-fail/ar-AAMasaL

The hackers who stole 780GB of data from Electronic Arts (EA) are now
releasing some of the data on the internet.

The leaking of the stolen data comes after the cybercriminals tried to
extort EA, the publisher behind gaming franchises like FIFA, The Sims and
Battlefield but received no ransom.

"Few week ago we send email for ransome (sic) to EA but we don't get any
response so we will posting the src (source)," one of the posts from the
hackers read, according to Vice's Motherboard.

Motherboard also viewed a compressed 1.3GB cache of the files the hackers
released, which included references to internal tools and EA's Origin game
store.

"If they don't contact us or don't pay us we will keep posting it," the
hackers said.

At the time of the hack the cybercriminals said the data they had stolen
included the code for FIFA 21 as well as the code and tools for the
Frostbite engine, which powers games like Star Wars Battlefront II and the
Need For Speed franchise.

"We're aware of the recent posts by the alleged hackers and we are
analysing the files released," EA said in a statement.

"At this time, we continue to believe that it does not contain data that
poses any concern to player privacy, and we have no reason to believe that
there is any material risk to our games, our business or our players.

"We continue to work with federal law enforcement officials as part of this
ongoing criminal investigation."

The hackers had been advertising it for sale on underground forums, telling
prospective purchasers "you have full capability of exploiting on all EA
services".

EA had previously said security improvements had already been made in light
of the attack and did not expect an impact on games or its business.

The hackers were reportedly able to breach the company's servers by
purchasing a cookie for EA's Slack server for just $10 on an underground
invite-only site called Genesis Market.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210715/c0de9561/attachment.html>


More information about the BreachExchange mailing list