News
EA Games hacked, stolen data selling for $28 million
BlogBreachesResourcesNews
EA Games hacked, stolen data selling for $28 million

EA Games hacked, stolen data selling for $28 million

Edward Kost
Edward Kost
June 15, 2021

Gaming giant Electronic Arts (EA games) has lost 780 GB of sensitive gaming data in a recent data breach.

The hackers compromised the company’s Frostbite engine which gave them access to the source codes of multiple EA games alongside Software Development Kits (SDKs) and property gaming frameworks.

How was EA games hacked?

The cyber criminals gained access to the data treasure trove through the gaming company’s Slack channel.

First, the hackers purchased stolen cookies linked to EA’s Slack channel for $10. Browsers use cookies to save credentials to speed up the login process. The hackers exploited the cookies, logged in as the compromised employee, and message the IT department, telling them that they lost their phone and needed help with multifactor authentication to log into the corporate network.

The unsuspecting IT representative obliged, and the hackers went to work.

The cybercriminals posted the stolen treasure trove on a dark web forum, where it’s currently for sale for $28 million.

Hackers posted evidence of stolen EA source code on the dark web - source: bleepingcomputer.com


The reason for the avaricious price tag is due to the depth of further compromise that’s possible if the stolen data is intelligently leveraged.

Firstly, the threat actors boast that they gained access to all of EA”s services which means the new owner will be capable of exploiting all of them.

And secondly, with access to the source codes of two wildly popular EA products - Frostbite game engine and FIFA 21 - a cyber criminal could develop gaming cheats.

The market for gaming cheats is huge. Earlier this year, the world’s biggest game-cheat enterprise was busted in a collaborative effort between Chinese police and Tencent known as, operation “Chicken Drumstick.” 

The criminal organization generated approximately $76 million in revenue selling gaming cheats though a subscription model starting at $10 a day.

Luxury cars among the assets seized during operation "Chicken Drumstick" - Source: BBC.com

The clandestine application of these cheats could help gamers win millions at gaming tournaments, or at the very least, improve their online reputation. This is why the demand for gaming cheats is so high.

It’s an unsettling period for EA gamers. Electronic Arts says its users shouldn’t suffer privacy breaches, but with so many options for exploitation, the impact of this breach will only be known after the black market sale is complete.

How secure is Electronic Arts?

Electronic Arts Inc. (EA) is an American video game company headquartered in Redwood City, California.
  • Check icon
    View our free preliminary report on Electronic Arts’s security posture
  • Check icon
    13 risk factors, including email security, SSL, DNS health, open ports and common vulnerabilities
View Electronic Arts's score
View score
https://www.ea.com
Security ratings
Abstract shape
Deliver icon

Sign up for our newsletter

Stay up-to-date on everything UpGuard with our monthly newsletter, full of product updates, company highlights, free cybersecurity resources, and more.

Latest news

Stay up-to-date with the latest news in cybersecurity.
Supply Chain Ransomware Attack Impacts Semiconductor Manufacturer

Supply Chain Ransomware Attack Impacts Semiconductor Manufacturer

One of the world's largest manufacturers of semiconductors has attributed a $250 million loss in its second-quarter sales report to a supply chain attack.
Edward Kost
Edward Kost
February 27, 2023
Optus Data Breach Exposes Up to 9.8 Million Customers' Details

Optus Data Breach Exposes Up to 9.8 Million Customers' Details

Cybercriminals believed to be working for a criminal or state-sponsored operation breached Optus' internal network, compromising personal information impacting up to 9.8 million customers.
Edward Kost
Edward Kost
September 26, 2022
Medibank Data Breach Impacts 9.7 Million Customers

Medibank Data Breach Impacts 9.7 Million Customers

Medibank suffered a data breach that compromised 9.7 million current and former customers.
Edward Kost
Edward Kost
November 11, 2022
OpenWRT breached through admin account

OpenWRT breached through admin account

OpenWRT, an open source firmware solution for home routers, was breached exposing the email addresses of many of its forum users.
Edward Kost
Edward Kost
January 16, 2021
Australian Real Estate Website Hacked 

Australian Real Estate Website Hacked 

Domain, one of Australia’s leading property market platforms, has fallen victim to a cyber attack
Edward Kost
Edward Kost
May 24, 2021
NT Government forced offline by compromised third-party vendor

NT Government forced offline by compromised third-party vendor

The Northern Territory Government's third-party IT system supply has fallen victim to a ransomware attack.
Edward Kost
Edward Kost
January 11, 2021
View all news
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

Protect your organization

Get in touch or book a free demo.
Contact sales
Free demo
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Free score
Website Security scan resultsWebsite Security scan rating
UpGuard logo
UpGuard is a complete third-party risk and attack surface management platform.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Contact sales
Free trial
Products
Tools
Company
Insights
Products
Compare
Solutions
Company
Insights
© UpGuard, Inc.
Research GuidelinesPlatform Terms & ConditionsWebsite Terms & ConditionsPrivacyCookies