Contents:
The video game company Electronic Arts (EA) suffered a data breach in June, hackers having access to the enterprise’s services and data. Now because threat actors failed to obtain money from the company, they performed an EA data leakage, where the whole cache of the data they stole some time ago is now online. This was firstly leaked on the 26th of July, Monday, to an underground cybercrime forum, but now it is in plain sight and circulating on torrent websites.
EA Data Leakage: How Hackers Wanted to Benefit from It
News on the data breach appeared on the 10th of June. How? Well, hackers announced that they possessed valuable data of the enterprise on an underground hacking forum. What was their goal at that time? To sell it for good money in exchange, more specifically they intended to obtain $28 million.
Since other cybercriminals potentially interested in enterprise data usually seek private or financial information, hackers were not that successful to sell it on the black market as the EA data was plain source code.
Their next step was to ask for money from the company itself to avoid an EA data leakage. The amount of money they asked for is still not known. On the 14th of July, 1.3 GB Fifa source code was made public. Because the company ignored their blackmail, 2 weeks later the EA data leakage meant the whole stolen data being released.
How Did the Hackers Manage to Access This Info in the First Place?
According to vice.com, the threat actors managed to have access to the company’s data by impersonating an EA employee account that was already logged in. Their method was successful through internal Slack authentication cookies they obtained by buying them from the Genesis dark web market. This way, they made the IT guys give them privileged access to the internal network posing as the real user. This is a good example of how the principle of least privilege can be easily violated. Thus, the organization’s internal code repositories were at their command and 780 GB of source code was downloaded. It is said that the released files contain FIFA 21 source code.
What the Company Said About the EA Data Leakage
Below you can see print screen examples of the information that was released through the EA data leakage.
After the data was made available to everyone, EA shared a declaration with therecord.media:
We are investigating a recent incident of intrusion into our network where a limited amount of game source code and related tools were stolen. No player data was accessed, and we have no reason to believe there is any risk to player privacy. Following the incident, we’ve already made security improvements and do not expect an impact on our games or our business. We are actively working with law enforcement officials and other experts as part of this ongoing criminal investigation.