EA Games hacked, stolen data selling for $28 million

Gaming giant Electronic Arts (EA games) has lost 780 GB of sensitive gaming data in a recent data breach.

The hackers compromised the company’s Frostbite engine which gave them access to the source codes of multiple EA games alongside Software Development Kits (SDKs) and property gaming frameworks.

How was EA games hacked?

The cyber criminals gained access to the data treasure trove through the gaming company’s Slack channel.

First, the hackers purchased stolen cookies linked to EA’s Slack channel for $10. Browsers use cookies to save credentials to speed up the login process. The hackers exploited the cookies, logged in as the compromised employee, and message the IT department, telling them that they lost their phone and needed help with multifactor authentication to log into the corporate network.

The unsuspecting IT representative obliged, and the hackers went to work.

The cybercriminals posted the stolen treasure trove on a dark web forum, where it’s currently for sale for $28 million.
‍

The reason for the avaricious price tag is due to the depth of further compromise that’s possible if the stolen data is intelligently leveraged.

Firstly, the threat actors boast that they gained access to all of EA”s services which means the new owner will be capable of exploiting all of them.

And secondly, with access to the source codes of two wildly popular EA products - Frostbite game engine and FIFA 21 - a cyber criminal could develop gaming cheats.

The market for gaming cheats is huge. Earlier this year, the world’s biggest game-cheat enterprise was busted in a collaborative effort between Chinese police and Tencent known as, operation “Chicken Drumstick.” 

The criminal organization generated approximately $76 million in revenue selling gaming cheats though a subscription model starting at $10 a day.

The clandestine application of these cheats could help gamers win millions at gaming tournaments, or at the very least, improve their online reputation. This is why the demand for gaming cheats is so high.

It’s an unsettling period for EA gamers. Electronic Arts says its users shouldn’t suffer privacy breaches, but with so many options for exploitation, the impact of this breach will only be known after the black market sale is complete.