Hackers recently breached Electronic Arts (EA), a company which is a leading publisher of games. As a result of the hack, FIFA’s source code and other related software and developer kits were stolen. The company is currently investigating the attack.
Hackers Breach Electronic Arts Company to Steal FIFA Source Code
Fortunately, no data related to players (users) was accessed, and the company has no reason to believe there is any risk to player privacy, EA said in a statement. According to a report published by Motherboard, hackers claimed they stole the source code of FIFA 21 and its server on an underground forum.
Apparently, the criminals’ post from a user called fifaseller can be reached via a Google cached web page from June 6. Furthermore, the hackers also claim they have stolen source code for other proprietary EA games, frameworks, API keys and SDKs. The stolen data could enable cybercriminals to exploit all EA services.
It should be noted that, evidently, this is not the only hacker forum post that advertises the stolen data.
How did the attack happen? EA hasn’t disclosed any information about how cybercriminals intruded its network. The company has taken unspecified measures to improve its security, and says that the incident will not have any impact on its business.
A likely breach scenario is that attackers exploited a known vulnerability in EA’s network. A more unlikely scenario is that hackers found a zero-fay and created their own exploit. Another version, also seen in many data breaches, is a misconfigured and exposed service that literally left the door open to anyone.
The reason behind the attack may be future exploitation over stolen data, security experts note, as game source code is a highly proprietary and sensitive intellectual property. So, it is highly likely that the breach has an advanced monetization plan behind it.
The company is currently co-operating with law enforcement and security specialists to investigate the attack.