[TheRecord] EA blames support staff for recent hacks of high-profile FIFA accounts

American video game company Electronic Arts confirmed today that hackers used social engineering to trick some of its customer support staff into transferring high-profile FIFA accounts from their legitimate owners.

“At this time, we estimate that less than 50 accounts have been taken over using this method,” EA said today.

“We are currently working to identify rightful account owners to restore access to their accounts and the content within, and players affected should expect a response from our team shortly,” the game maker added.

According to screenshots shared on social media by some of the victims, the hacks took place after the attackers contacted EA’s customer staff via the live chat feature and demanded to have an account’s email address changed.

While many requests were ignored, the threat actors persisted until a customer support staff member ignored normal procedures and changed the email address without additional verifications of the requester’s identity.

People spam the livechat asking to change my account details until some incompetent advisor finally gave them the account pic.twitter.com/jqOoKKcv6s

— FUT Donkey (@FUTDonkey) January 5, 2022

The game maker said that as a result of these hacks, it has taken the decision to put all its customer support staff through a re-training program “with a specific emphasis on account security practices and the phishing techniques used in this particular instance.”

In addition, EA said it is expanding its account ownership verification process, which will from now on require approval from a team manager before any email address change.

“While in some cases these changes could impact customer experience wait times, these are necessary additional steps to ensure our player accounts remain secure,” the game maker said.

EA said it began investigating the incidents last week. According to Eurogamer, whose first report on the hacks triggered the EA investigation, the threat actors appear to have targeted the top 100 traders in FIFA 22, EA’s soccer simulator, and one of its most profitable video game.

The post EA blames support staff for recent hacks of high-profile FIFA accounts appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[SecurityWeek] Free Decryption Tools Available for Babuk, AtomSilo and LockFile Ransomware

All posts, Security Week

Cybersecurity company Avast on Wednesday announced the availability of free decryption tools for three pieces of ransomware: Babuk, AtomSilo and LockFile. Users and organizations that had their files encrypted by these ransomware families can use the decryptors to recover their files. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[ZDNet] Philips study finds hospitals struggling to manage thousands of IoT devices

All posts, ZDNet

More than 13% of hospitals had no inventory and no way of knowing how many medical devices were deployed. Source: Read More (Latest topics for ZDNet in Security)

Read More

[SecurityWeek] Microsoft Confirms ‘NotLegit’ Azure Flaw Exposed Source Code Repositories

All posts, Security Week

Microsoft has quietly started notifying some Azure customers that a serious security vulnerability in the Azure App Service has caused the exposure of hundreds of source code repositories. read more Source: Read More (SecurityWeek RSS Feed)

Read More