11 June 2021

Hackers reportedly stole source code, internal tools from gaming giant Electronic Arts


Hackers reportedly stole source code, internal tools from gaming giant Electronic Arts

Electronic Arts (EA), a game developer and publisher behind such popular brands as Madden NFL, EA SPORTS FIFA, Battlefield, The Sims, and Need for Speed, has suffered a security incident in which hackers stole a large trove of valuable information from the company.

The hackers claimed to have downloaded roughly 780 GB of data, including source code for games such as FIFA 21 and for the proprietary Frostbite game engine used as the base for many other high-profile games, as well as some debug tools.

According to Bleeping Computer, other stolen information includes FIFA 22 API keys and SDK & debug tools, debug tools, SDK, and API keys, proprietary EA games frameworks, XBOX and SONY private SDK & API key, XB PS and EA pfx and crt with key.

As proof of their claims the hackers shared several screenshots claiming to demonstrate their access to EA data, but they did not publish any of the stolen data. Based on advertisements on several underground forums, it appears that the hackers intend to sell the stolen information.

An Electronic Arts spokesperson said that the company is investigating the breach “where a limited amount of game source code and related tools were stolen.”

"No player data was accessed, and we have no reason to believe there is any risk to player privacy," the company said.

The "network intrusion" was not a ransomware attack and had happened recently, EA said, adding that it had already improved its security following the hack, and doesn’t expect an impact on its games or business.


Back to the list

Latest Posts

Google fixes yet another Chrome 0Day exploited in the wild

Google fixes yet another Chrome 0Day exploited in the wild

In addition to CVE-2021-30554, Chrome 91.0.4472.114 resolves three high-risk vulnerabilities that allow a remote attacker to compromise a vulnerable system.
18 June 2021
Researchers uncover a 6-year Iranian domestic cyber-espionage campaign

Researchers uncover a 6-year Iranian domestic cyber-espionage campaign

The threat actor deployed the MarkiRAT malware able to steal data and hijack the infected user’s Chrome browser and their Telegram app.
17 June 2021
DarkSide affiliates shift to software supply chain attacks

DarkSide affiliates shift to software supply chain attacks

UNC2465 compromised a website of a CCTV camera vendor and planted malware in the Dahua SmartPSS Windows app.
17 June 2021