[TheRecord] Hackers leak full EA data after failed extortion attempt

The hackers who breached Electronic Arts last month have released the entire cache of stolen data after failing to extort the company and later sell the stolen files to a third-party buyer.

The data, dumped on an underground cybercrime forum on Monday, July 26, is now being widely distributed on torrent sites.

According to a copy of the dump obtained by The Record, the leaked files contain the source code of the FIFA 21 soccer game, including tools to support the company’s server-side services.

How the EA breach took place

The existence of this leak was initially disclosed on June 10, when the hackers posted a thread on an underground hacking forum claiming to be in possession of EA data, which they were willing to sell for $28 million.

In an interview with Motherboard, the hackers claimed to have gained access to the data after buying authentication cookies for an EA internal Slack channel from a dark web marketplace called Genesis.

The hackers said they used the authentication cookies to mimick an already-logged-in EA employee’s account and access EA’s Slack channel and then trick an EA IT support staffer into granting them access to the company’s internal network.

From there, the hackers then proceeded to download more than 780GB of source code from the company’s internal code repositories.

While initially, the hackers hoped to earn a big payday from the EA hack, they failed to find any buyers on the underground market, as the stolen data was mostly source code that lacked any value for other cybercrime groups, most of which are interested in user personal or financial data primarily.

After failing to find a buyer, the hackers tried to extort EA, asking the company to pay an undisclosed sum and avoid having the data leaked online.

Initially, they released a cache of 1.3GB of FIFA source code on July 14, only to release the entire data two weeks later after EA shunned their threats.

In a statement sent to The Record after the release of the full data, EA confirmed that “no player data was accessed” during the hackers’ intrusion and the company has “no reason to believe there is any risk to player privacy” as a result of the leak.

“Following the incident, we’ve already made security improvements and do not expect an impact on our games or our business,” an EA spokesperson told The Record. “We are actively working with law enforcement officials and other experts as part of this ongoing criminal investigation.”

Screenshots from the leaked data are available below.

Image: The Record
Image: The Recor
Image: The Record
Image: The Record
Image: The Record
Image: The Record
Image: The Record

The post Hackers leak full EA data after failed extortion attempt appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[SecurityWeek] Colossus Ransomware Hits Automotive Company in the U.S.

All posts, Security Week

A new ransomware family called Colossus has snagged at least one victim in the United States as of last week, according to security researchers at ZeroFox. Targeting Windows systems, the Colossus ransomware was used in an attack on an automotive group of dealerships based in the U.S., with its operators threatening to leak 200 GB […]

Read More

[TheRecord] RedCurl hacking group returns with new attacks

Even after its operations were publicly exposed in August 2020, the RedCurl hacking group has continued to carry out new intrusions and has breached at least four companies this year, according to a new report from security firm Group-IB. Targets hacked this year included two companies based in Russia, along with two others that Group-IB […]

Read More

[TheRecord] Google shuts down malicious ad posing as Brave browser but delivering malware

Internet surfers looking to download a copy of the Brave browser were fooled this week by a cleverly disguised ad that redirected them to a malicious website where they infected their systems with malware. The malicious website was located at bravė.com, where Brave was spelled with a Lithuanian small caps ė (with a dot on top) instead […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.