According to MotherBoard, hackers stole Electronic Arts source code for FIFA 21, the Frostbite engine, and game development tools.
Earlier this week, the hackers behind the EA data breach also announced that they were selling approximately 780 gigabytes of the stolen game source code and tools in an underground hacking forum.
The threat actors shared screenshots of the stolen source code and directory listings to prove the legitimacy of their claims. In addition, the hackers claim that they have Microsoft’s Xbox and Sony’s SDKs and API keys for sale.
Electronic Arts’ privacy breach had no impact on its business, gaming, or player privacy
An EA spokesperson admitted the data breach that exposed a “limited” number of source code repositories and development tools.
“We are investigating a recent intrusion into our network in which a limited amount of game source code and related tools were stolen. No player data was accessed and we have no reason to believe that there is a risk to player privacy. “
The company added that it does not expect any impact on its business or gaming activities following the data breach.
In addition, EA announced that it is working with law enforcement agencies and other experts as part of the ongoing criminal investigation.
Electronic Arts also clarified that the data breach was not a ransomware incident, unlike the recent high profile compromise against Colonial Pipeline and JBS.
Threat actors list stolen data in an underground hacking forum
The threat actors responsible for the EA data breach announced that they were selling the stolen data in an underground hacking forum.
For $ 28 million, they promised potential buyers that they would also transfer the video game company’s “full ability to exploit” to their customers.
“You have the full ability to take advantage of all EA services,” read screenshots from the underground hacking forum shared by Motherboard.
Some of the stolen data contains API keys for FIFA 22, Xbox, Sony and SDK debugging tools. According to Bleeping Computer, the hackers also used the key to access XB PS and EA pfx and crt.
Apart from the security details, the hackers also stole FIFA 22, the FIFA 21 matchmaking server and the source codes of the Frostbite engine, proprietary EA frameworks, SDKs and debug tools.
The game engine is at the heart of several games including FIFA, Battlefield, and Star Wars. However, the hackers did not upload any source code to the underground hacking forum.
Aside from the immediate financial gain, stolen source code could allow hackers to discover vulnerabilities in the game engine in order to enable future compromises.
When asked how they breached Electronic Arts’ computer network, the hackers declined to reveal their tactics. However, EA said there had been a network outage that allowed the hacker to steal data.
Erich Kron, Security Awareness Advocate at KnowBe4, comments on the EA data breach:
“This incident shows the fact that even high-tech companies are vulnerable to potential data breaches. In this case, the source code of several products, some of which are very valuable and costly to produce intellectual property, have been stolen by the cyber criminals and put on the open market. “
Kron pointed out that information containing a significant amount of proprietary information could be of value to competitors.
“Unfortunately, these successful attacks are often a by-product of human error,” added Kron. “Reused passwords or harvested access data are common ways for attackers to gain access to systems and networks.”
According to Kron, it was important for companies to regularly train their employees about various potential attack vectors.
“In addition, robust data loss prevention controls can help identify when sensitive data is leaving the victim’s network and can play an important role in an organization’s multi-layered security strategy,” he said.
“This type of injury could potentially bring a company down,” said Saryu Nayyar, CEO of Gurucul. “The source code of games is highly proprietary and sensitive intellectual property that is at the heart of a company’s service or offering.”
After EA’s #databreach, #hackers sell the source code of the FIFA 21 and Frostbite engine as well as developer tools in an underground hacking forum. #Cybersecurity #Respect data
Nayyar likened a company’s source code leak to being “practically killing himself”. Although only a limited amount of source code was disclosed, Nayyar said that “the heartbeat has been interrupted and there is no telling how this attack will ultimately affect the lifeblood of the company’s gaming services across the board.”