Seemingly every day, companies of all sizes unknowingly expose valuable information to cybercriminals around the world. No matter the industry, cyber terrorists will seek to gain control of data in exchange for large sums of money through ransomware attacks. These cybercriminals spare no mercy.
Electronic Arts’ critical code exposed
One recent victim of a data breach was the video game publishing company Electronic Arts (EA). On Thursday, EA said the hackers gained access to 780 gigabytes of code for the Frostbite game engine. This software powers the graphics and gameplay for popular games such as FIFA, Madden, and Battlefield.
The hackers were said to have gained access to integral software development tools on the FIFA 21 database and server code for online matchmaking in FIFA 22.
According to an EA spokesperson, the hackers did not compromise player data, and there is no further risk to player privacy. The spokesperson also claimed that EA has already increased security efforts and ensured that this would not impact the flow of their business.
Have we seen something like this before?
Proven access to server code cannot be a good headline for EA, a company that has struggled with cybersecurity in the past.
Just last year, EA’s servers were down for an extended period of time for an unknown reason. Speculation from players on Twitter suggested that the infamous hacking organization “Lizard Squad” was behind the server malfunctions.
The speculation arose from a controversial decision by EA to ban a professional FIFA player for violating their terms and conditions. EA received backlash online from fans of the player and from the hacking group themselves, who quoted the tweet with this threat (see below).
Consistent server issues and a lack of transparency have become fodder for a vindictive community frustrated with the company. The tweets by Lizard Squad were received well by the FIFA community, who were outraged by the banning of a fan favorite.
In June of 2019, millions of EAs player accounts were hacked into through their partner company Origin. Origin is in charge of providing access to games online, connecting 300 million players across the globe. Origin’s jurisdiction also includes access to downloadable content, which can be purchased using a credit/debit card or through a payment site like PayPal.
Money is not the sole motivation
Lizard Squad plays the role of a vigilante in the FIFA community in some ways. EA is a company with a cloudy past when it comes to building goodwill with its players. They are notorious in the gaming community for their lack of transparency in press releases and their strict, ever changing terms and conditions. The outrage from the community is evident in many if not all of their replies on social media. Lizard Squads’ infiltration offered an opportunity to cause change at EA. In an interview with Sky Sports in 2014, Lizard Squad stated that the reasoning behind the attack was to expose the billion-dollar company for their lack of attention to their cybersecurity.
While Lizard Squad claims they have good intentions to enact long-term change, it is hard to think of them as anything other than internet bullies in the short term. Since 2014, EA’s servers have not improved much, with weekly outages reported. Likewise, their company stance on social media continues to be vague and unclear, leaving players more confused than ever.
How do they get in?
Hackers are parasites to the online gaming community, using their password milling skills to control players’ accounts for criminal intentions. Once they are into your account, they will change your passwords and impersonate you to steal personal information. After taking all the information they need, they will change your password back to the original and exit your account without leaving a trace. It can be months before users realize their information is exposed and slowly being farmed by anonymous criminals.
The breach was made possible through the outdated legacy password system that requires you to differentiate your password by adding special characters and different capitalization requirements. Many victims’ data falls into the wrong hands because of password fatigue. Password fatigue happens when users reuse their passwords for multiple accounts across many platforms. This bad habit is dangerous because when hackers break into one account, the floodgates open, and your information spreads like a virus.
How TraitWare can help
Regardless of the motivation, hacking is detrimental to business. Security risk can be reduced through simpler, more secure login methods that TraitWare provides. TraitWare’s patented passwordless MFA technology simplifies the login process like no other. Just by scanning a QR code and providing biometric authentication from your mobile device, you can access all your web-enabled applications in 3 touches. No more data breaches and no more frustrating user experience.
Does this seem like fantasy to you? Let TraitWare turn your fantasies into a reality with Real Passwordless MFA™.
Any questions? Reach out to us here. Let us help simplify and secure login for your business.