EA-Sports

Hackers have breached Electronic Arts (EA), one of the world’s biggest video game publishers, and stolen some of its game source code and related internal tools.

For those unaware, Electronic Arts develops and publishes games of established franchises, including Battlefield, Need for Speed, The Sims, Medal of Honor series, Titanfall, as well as the EA Sports titles FIFA, Madden NFL, and NBA Live.

The incident which was first reported by Vice, claims that the hackers have stolen 780GB of data from EA servers, which includes the source code of the popular soccer game “FIFA 21” as well as code for its matchmaking server.

The cybercriminals have also stolen the source code and tools for the company’s game engine Frostbite, which powers popular EA titles like Battlefield.

Besides the above, the stolen data also includes “proprietary EA frameworks and software development kits,” the site reported.

Apparently, the hackers have been advertising EA’s digital goods for sale on various underground hacking forum posts viewed by Vice. The hackers claimed to offer “full capability of exploiting on all EA services” to customers willing to pay $28 million for the stolen data.

Below is a summary of the massive trove of data that the hackers claim to have stolen from EA’s network:

  • debug tools, SDK, and API keys
  • FIFA 21 matchmaking server
  • FIFA 22 API keys and some SDK & debugging tools
  • FrostBite game engine src code and debug tools
  • Many proprietary EA games frameworks & SDKs
  • XBOX & SONY private SDK & API key
  • XB PS and EA pfx and crt with key (currently used)

Following the report by Vice, EA confirmed to the publication that it was the victim of a data breach and not a ransomware attack and that no player data was accessed in the attack.

“We are investigating a recent incident of intrusion into our network where a limited amount of game source code and related tools were stolen.

No player data was accessed, and we have no reason to believe there is any risk to player privacy,” EA said in a statement to Vice.

“Following the incident, we’ve already made security improvements and do not expect an impact on our games or our business.

We are actively working with law enforcement officials and other experts as part of this ongoing criminal investigation.”