Hackers Explain How They Pwned EA

The group of hackers that stole a wealth of data from game publishing giant Electronic Arts broke into the company in part by tricking an employee over Slack to provide a login token. Proving that social engineering is very much a thing:

The group stole the source code for FIFA 21 and related matchmaking tools, as well as the source code for the Frostbite engine that powers games like Battlefield and other internal game development tools. In all, the hackers claim they have 780GB of data, and are advertising it for sale on various underground forums. EA previously confirmed the data impacted in the breach to Motherboard. 

A representative for the hackers told Motherboard in an online chat that the process started by purchasing stolen cookies being sold online for $10, and using those to gain access to a Slack channel used by EA. In this case, the hackers were able to get into EA’s Slack using the stolen cookie. “Once inside the chat we messaged a IT Support members we explain to them we lost our phone at a party last night,” the representative said.

This is a prime reason why you need to include training for ALL your employees if you’re a company. Because while companies are weak at IT security, humans are still a factor in these hacks. My recommendation is that companies look at both infrastructure and training to address their cybersecurity needs.

Leave a Reply

%d bloggers like this: