A group of cybercriminals who breached Electronic Arts in June released the entire cache of stolen data after failing to extort the company and sell all 751GB of compressed EA Games’ data to potential third-party buyers. The wealth of data dumped on an underground cybercrime forum on July 26 is now widely distributed on torrent sites, making EA’s company files, source codes, and dev kits accessible to the public.
According to The Record, the hackers responsible for breaching and stealing source codes from Electronic Arts dumped a massive cache of data on an underground cybercrime forum after they failed to receive the expected payout. Unsuccessful in their illegal business effort, they subsequently released the data, which found its way to a public torrent site – the very same data that contained the source code for FIFA 21, as our previous report claimed.
Electronic Arts initially disclosed the existence of the data leak on June 10, when the hackers posted a thread on an underground hacking forum, claiming to be in possession of EA Games data, offering to sell it for $28 million. Purchasing it, potential buyers would obtain the Frostbite source code, which powers the Battlefield, Madden, and FIFA gaming series, development kits for FIFA 21, and server codes for FIFA 22 multiplayer matchmaking. In addition, an unidentified cybercriminal organization claimed that the data would grant the buyer a “full capacity of exploiting on all EA servers.”
And though they remain hidden behind their online handles, hackers’ methods to gain access to EA Games’ internal network have been revealed. They gained access to EA’s internal Slack channel by using stolen authentication cookies purchased from Genesis black market. For those unfamiliar with Genesis, it’s a fully-gated, invitation-only website focused on the sale of digital fingerprints relating to a specific user’s computer, browser, and various internet accounts. Multiple reports have suggested that the hacker collective responsible for the attack purchased authentication cookies for only $10.
After gaining access to EA’s Slack channel, the hackers tricked EA Games IT support staffer into granting them access to the company’s internal network, from which they downloaded more than 780GB of source codes, software development kits, and other data. Fortunately, Electronic Arts confirmed that the player data wasn’t compromised in the breach, which is odd because hackers usually go for personal information first, as it represents “easy money.” Source codes typically lack any real value for cybercriminal groups, most of which are interested in user’s personal and financial data.
Regardless, after failing to sell the data online, hackers tried to extort Electronic Arts, asking the company to pay an undisclosed sum and avoid having its data leaked online. However, EA Games was fully aware that the potential leak of the stolen data posed no real threat for the company and was completely unfazed by the ransom request, ignoring it altogether. In the end, the stolen data could only be used to develop cheats and hacks for Electronic Art’s games – something that the company already addressed by increasing its security and anti-cheating measures.
Now that the company’s data found its way to public torrent sites, we could expect an increase in the number of bans on EA Games gaming servers, similar to how Call of Duty banned nearly half a million players due to hacks and cheats.