EA Breach: What We Know About Latest Major Cyber-Attack

EA Breach: What We Know About Latest Major Cyber-Attack

EA (Electronic Arts), one of the world’s largest video game studios, disclosed suffering a data breach in which hackers stole source code used in the company’s games. Vice originally broke the story. 

According to sources, the EA breach took place on June 6. The hackers responsible stole 780 gigabytes of data, including the Frostbite source code. This source code powers some of EA’s top intellectual properties, including the Madden, FIFA, and Battlefield series. 

The hackers appear to be attempting to sell the source code on various hacking forums. Pitching the source code on one of these forums, the hackers claimed, “you have full capability of exploiting on all EA services.” Additionally, the hackers claimed to have obtained software development tools and server code for popular games. 

Player data remains unaffected by the breach, although access to the source code could lead to the discovery of other backdoors for future data breaches

An EA spokesperson stated: “We are investigating a recent incident of intrusion into our network where a limited amount of game source code and related tools were stolen player data was accessed, and we have no reason to believe there is any risk to player privacy. Following the incident, we’ve already made security improvements and do not expect an impact on our games or our business. We are actively working with law enforcement officials and other experts as part of this ongoing criminal investigation.” 

As of the time of writing, it remains unclear how the hackers obtained access to the source code or how the cyber-attack took place. 

Expert Commentary on the EA Breach

Erich Kron

Erich Kron is a security awareness advocate at KnowBe4. 

“This incident demonstrates the fact that even high-tech organizations are vulnerable to potential data breaches. In this case, the source code for several products, some very valuable and costly to produce intellectual property, has been stolen by the cyber-criminals and offered on the open market. Interestingly, at this time, it appears they did not attempt to ransom the data back to EA, but instead chose to offer it to the highest bidder. If this data includes a significant amount of proprietary information, it may be valuable to competitors, or it may include information or vulnerabilities that could be used in future attacks against EA products or customers with installed EA games.

Unfortunately, these successful attacks are often a byproduct of human error. Reused passwords or harvested credentials are common ways for attackers to gain access to systems and networks. For this reason, it is a wise move for organizations to regularly educate employees about potential attack vectors and the importance of being vigilant for attacks that may target them. In addition, robust Data Loss Prevention controls can help spot when sensitive data may be moving out of the victim’s network and play an important role in an organization’s layered security strategy.”

Saryu Nayyar

Saryu Nayyar (she/her) is CEO of Gurucul

“This sort of breach could potentially take down an organization. Game source code is highly proprietary and sensitive intellectual property that is the heartbeat of a company’s service or offering. Exposing this data is like virtually taking its life. Except that in this case, EA is saying only a limited amount of game source code and tools have been exfiltrated. Even so, the heartbeat has been interrupted and there’s no telling how this attack will ultimately impact the lifeblood of the company’s gaming services down the line.

“The lesson here is you must enact robust proactive cyber defenses to protect your IP. The heartbeat must keep drumming on.”

Thanks to the experts for their time and expertise. For more information, please consult the SIEM Buyer’s Guide for the latest cybersecurity market analysis. This story is ongoing. 

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
Ben Canner