Hackers have started releasing parts of stolen EA data publicly
Criminals threaten further leaks if EA doesn’t comply with their demands
The hackers behind a significant Electronic Arts data breach have begun releasing some of the stolen data publicly in a bid to extort the company.
The perpetrators claimed in June to be in possession of 780GB of stolen data, which EA later confirmed included the source code for FIFA 21, the source code and tools for the Frostbite engine which powers games including Battlefield, plus proprietary EA frameworks and software development kits.
According to Vice, the hackers have now released a 1.3GB cache publicly and threatened to leak more of the data. “If they dont contact us or dont pay us we will keep posting it,” they said.
The data released appears to include references to internal EA tools and its Origin store, while the hackers also provided Vice site with screenshots seemingly showing data related to The Sims.
An EA spokesperson told the site that the company was “aware of the recent posts by the alleged hackers” and was “analyzing the files released”, but played down the risks associated with the leak.
“At this time, we continue to believe that it does not contain data that poses any concern to player privacy, and we have no reason to believe that there is any material risk to our games, our business or our players,” they said.
“We continue to work with federal law enforcement officials as part of this ongoing criminal investigation.”
Further reading
EA confirms hackers have stolen source code for FIFA 21 and the Frostbite engine
The spokesperson also said that EA had implemented new security measures following the data breach.
According to Vice, the hackers broke into EA by logging into one of its Slack accounts using a token bought from an underground market for $10, before tricking the company’s IT support into giving them access to its internal network.
Data stolen from CD Projekt Red in February reportedly leaked online in June, including the source code for Cyberpunk 2077 and The Witcher 3.
CD Projekt later said it had reason to believe that the stolen data being circulated online may include employee and contractor details.
