Electronic Arts (EA) have been hacked; with data, internal tools, and the source code for the Frostbite Engine and FIFA 21 stolen.
Vice reports that the hackers posted on “underground hacking forums;” stating readers now “have full capability of exploiting on all EA services.” FIFA 21‘s source code includes the code for the game’s matchmaking server.
Along with source code on the Frostbite engine, other stolen data includes proprietary EA frameworks, and software development kits; a total of 780gb of data. The hackers are advertising the sale of this data in various underground forums, and posted screenshots as evidence of access to their EA data. None of the data has been distributed thus far.
EA confirmed to Vice that they had suffered a data breach, and that the information the hackers listed was stolen.
“We are investigating a recent incident of intrusion into our network where a limited amount of game source code and related tools were stolen. No player data was accessed, and we have no reason to believe there is any risk to player privacy. Following the incident, we’ve already made security improvements and do not expect an impact on our games or our business. We are actively working with law enforcement officials and other experts as part of this ongoing criminal investigation.”
The situation bears comparison to the Capcom Ragnar Locker Ransomware hack and subsequent leaks [1, 2] of November 2020. Along with information on upcoming games (some of which seems to have come true) and politically correct business strategies.
The hackers also obtained employee personal information, HR information, and 350,000 items of customer and business partner personal information (none of which was credit card information).
Koei Tecmo Europe’s forums were also hacked in late December 2020. The hacker reportedly asked for Bitcoin, claimed Koei Tecmo had lackluster digital security, and failed to follow GDPR guidelines by not informing their users about the hack sooner.
Most recently, CD Projekt confirmed they were victim of a ransomware hack in February 2021; at the time the third such case for a video games company being hacked in four months.
It may be the initial case with Capcom sparked hackers to probe the security of gaming companies; rife with company secrets and otherwise valuable information that did not match their level of security.
We will keep you informed as we learn more.