Reports broke yesterday of a massive data breach at Electronic Arts that resulted in the theft of close to 780GB worth of data containing FIFA 21 and Frostbite engine source code. While the code itself isn’t being made available on the web, hackers have reportedly posted screenshots of some of the stolen content as proof of possession. Today, a new report on Motherboard provides more information on how the hack was carried out. It cites statements made to the publication by a “representative for the hackers”.
The hackers claim that they started off by purchasing stolen cookies for $10 from the web. These cookies possibly containing Slack login details of EA employees were then used to gain access to a Slack channel, with the hackers likely masquerading as internal employees. The account was then used to reach out to IT Support to request multifactor tokens, saying that they “lost our phone at a party last night”. The tokens were then used to access EA’s corporate network using the employees' credentials.
Once inside the network, the bad actors discovered a service that was used by developers to compile games. They then created virtual machines in the server and subsequently gained access to the source code. Motherboard says that the representative has provided screenshots of the Slack chats and various steps of the process to corroborate the claims. Interestingly, the publication says that EA confirmed the “contours of the description of the breach”. However, EA has reiterated that the breach has not resulted in the compromise of any player data.
In addition to the game data, the hackers have reportedly also gained access to documentation pertaining to PlayStation VR, digital crowds in FIFA, and AI in games, among other details. The publication adds that Sony has not responded to requests for comment.