The group of hackers that stole a wealth of data from game publishing giant Electronic Arts broke into the company in part by tricking an employee over Slack to provide a login token. Proving that social engineering is very much a thing:
The group stole the source code for FIFA 21 and related matchmaking tools, as well as the source code for the Frostbite engine that powers games like Battlefield and other internal game development tools. In all, the hackers claim they have 780GB of data, and are advertising it for sale on various underground forums. EA previously confirmed the data impacted in the breach to Motherboard.
A representative for the hackers told Motherboard in an online chat that the process started by purchasing stolen cookies being sold online for $10, and using those to gain access to a Slack channel used by EA. In this case, the hackers were able to get into EA’s Slack using the stolen cookie. “Once inside the chat we messaged a IT Support members we explain to them we lost our phone at a party last night,” the representative said.
This is a prime reason why you need to include training for ALL your employees if you’re a company. Because while companies are weak at IT security, humans are still a factor in these hacks. My recommendation is that companies look at both infrastructure and training to address their cybersecurity needs.
Related
This entry was posted on June 11, 2021 at 3:50 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Hackers Explain How They Pwned EA
The group of hackers that stole a wealth of data from game publishing giant Electronic Arts broke into the company in part by tricking an employee over Slack to provide a login token. Proving that social engineering is very much a thing:
The group stole the source code for FIFA 21 and related matchmaking tools, as well as the source code for the Frostbite engine that powers games like Battlefield and other internal game development tools. In all, the hackers claim they have 780GB of data, and are advertising it for sale on various underground forums. EA previously confirmed the data impacted in the breach to Motherboard.
A representative for the hackers told Motherboard in an online chat that the process started by purchasing stolen cookies being sold online for $10, and using those to gain access to a Slack channel used by EA. In this case, the hackers were able to get into EA’s Slack using the stolen cookie. “Once inside the chat we messaged a IT Support members we explain to them we lost our phone at a party last night,” the representative said.
This is a prime reason why you need to include training for ALL your employees if you’re a company. Because while companies are weak at IT security, humans are still a factor in these hacks. My recommendation is that companies look at both infrastructure and training to address their cybersecurity needs.
Share this:
Like this:
Related
This entry was posted on June 11, 2021 at 3:50 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.