The Week in Breach: EA Games – Round 2 – Knockout

Hackers leak full EA data after failed extortion attempt


  • Hackers leak 751GB of compressed EA data containing FIFA 21 source code.
  • Data dump comes from a hack that took place in June 2021.
  • EA says no player data was included in the stolen data, confirmed by the data leaked this week.

The hackers who breached Electronic Arts last month have released the entire cache of stolen data after failing to extort the company and later sell the stolen files to a third-party buyer.

The data, dumped on an underground cybercrime forum on Monday, July 26, is now being widely distributed on torrent sites.

According to a copy of the dump obtained by The Record, the leaked files contain the source code of the FIFA 21 soccer game, including tools to support the company’s server-side services.

The hackers initially hoped to earn a big payday from the EA hack, but they failed to find any buyers on the underground market, as the stolen data was mostly source code that lacked any value for other cybercrime groups, most of which are primarily interested in users' personal or financial data.

After failing to find a buyer, the hackers tried to extort EA, asking the company to pay an undisclosed sum and avoid having the data leaked online.

Initially, they released a cache of 1.3GB of FIFA source code on July 14, only to release the entire cache two weeks later after EA shunned their threats.

In a statement sent to The Record after the release of the full data, EA confirmed that “no player data was accessed” during the hackers’ intrusion and the company has “no reason to believe there is any risk to player privacy” as a result of the leak.

EA has officially stated that no user data was accessed, and the company has put in extra security measures to ensure this breach does not happen again.

Dark Web ID’s Top Threats This Week


 

Electronic Arts (EA)

https://therecord.media/hackers-leak-full-ea-data-after-failed-extortion-attempt/

Exploit: Hacking

Electronic Arts (EA): Video Game Maker

Risk to Business: 1.311 = Extreme

Hackers have leaked an estimated 751GB of compressed EA data containing FIFA 21 source code on a dark web forum. Initially, they released a cache of 1.3GB of FIFA source code on July 14 as part of a demand for payment to stop them from releasing the rest, but after EA refused to play ball, the rest was added. According to reports, the hackers used authentication cookies to mimic an already-logged-in EA employee’s account and access EA’s Slack channel. They then tricked an EA IT support staffer into granting them access to the company’s internal network, ultimately allowing them to download more than 780GB of source code from the company’s internal code repositories. EA says that no player information was ever at risk and they’ve fixed the problem internally.

Customers Impacted: Unknown

How It Could Affect Your Business: Part of this hacking incident was powered by impersonation, which is a form of phishing, and is reminiscent of the 2020 Twitter hack that enabled cybercriminals to gain access to celebrity accounts by impersonating Twitter workers.

IntegraMSP to the Rescue: Developing a strong security culture that is savvy about phishing is essential for maintaining security in today’s volatile threat atmosphere. Our Security Awareness Champion’s Guide helps explain complex risks in a fun way!

University of San Diego Health

https://www.bleepingcomputer.com/news/security/uc-san-diego-health-discloses-data-breach-after-phishing-attack/

Exploit: Phishing

University of San Diego Health: Hospital System

Risk to Business: 1.663 = Severe

UC San Diego Health has disclosed a data breach after the compromise of some employees’ email accounts. UC San Diego Health discovered that cybercriminals had gained access to some of its employees’ email accounts through a phishing attack. The attackers may have accessed the personal information of patients, employees and students between December 2, 2020, and April 8, 2021.

Risk to Individual: 1.271 = Severe

Potentially impacted information includes: patients’ full name, address, date of birth, email, fax number, claims information (date and cost of health care services and claims identifiers), laboratory results, medical diagnosis and conditions, Medical Record Number and other medical identifiers, prescription information, treatment information, medical information, Social Security number, government identification number, payment card number or financial account number and security code, student ID number and username and password. The hospital will offer free credit monitoring and identity theft protection services through Experian IdentityWorks for one year and is contacting impacted individuals via mail.

Customers Impacted: Unknown

How It Could Affect Your Business: Medical data is some of the hottest data to sell in dark web markets, earning cybercriminals a substantial profit and this hospital substantial fines under HIPAA and California privacy regulations.

IntegraMSP to the Rescue: Stop phishing by recruiting every employee to the cybersecurity team. Let us show you how to expand your menu into security awareness training in just 15 minutes!


City of Grass Valley, CA

https://sacramento.cbslocal.com/2021/07/29/grass-valley-cyberattack-ransom/

Exploit: Ransomware

City of Grass Valley, CA: Municipality

Risk to Business: 2.223 = Severe

Municipalities have been ripe targets for cybercriminals, and they’ve scored another payday in Grass Valley, California. City services except emergency services experienced outages, and the city ultimately chose to pay the ransom, citing data privacy concerns for its citizens. Grass Valley officials said the Federal Bureau of Investigation (FBI) was contacted. Several state agencies are still investigating. Services were restored after the ransom payment. Federal agencies including CISA and the FBI strongly discourage paying ransoms, which is illegal in many circumstances.

Customers Impacted: Unknown

How It Could Affect Your Business: Cybercriminals have been striking municipalities and similar authorities frequently. Historically poor cybersecurity combined with a tendency to simply pay ransoms makes this a growth industry for cybercrime.

IntegraMSP to the Rescue: What happens when you pay a ransom? Nothing good. See how the cash shakes down and how gangs make their money in Ransomware Exposed!



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.