Threat actors leaked data stolen from EA, including FIFA code

Threat actors that hacked Electronic Arts in June have leaked full data dump stolen from the company after the failure of the negotiation with the victim.

In June, hackers have compromised the network of the gaming giant Electronic Arts (EA) and claimed to have stolen approximately 780 GB of data.

The stolen data include the source code of the games, the source code of the FrostBite game engine and debug tools, FIFA 21 matchmaking server code, proprietary EA games frameworks, debug tools, SDK, and API keys, XBOX and SONY private SDK & API key, XB PS and EA pfx and crt with key, and FIFA 22 API keys and SDK & debug tools.

Motherboard, who was among the first sites to report the security breach, contacted EA which confirmed the data breach.

BleepingComputer also received a statement from the gaming giant that said it was not hit by a ransomware attack. The company attempted to downplay the data breach saying that only “a limited amount of code and related tools were stolen”, it also added that they expect that the data breach will not impact its business.

The company said that hackers did not access player data, it also added to have already implemented additional security measures.

On July 26, hackers behind the attack have released the entire cache of stolen data after they failed to negotiate with the gaming firm and also to sell the stolen files to other threat actors, reported The Record.

The data has been initially leaked on a cybercrime forum, but now copies of the stolen data are circulating on different underground sites.

The Record that analyzed a copy of the dump confirmed that the archive contains the source code of the FIFA 21 game.

“According to a copy of the dump obtained by The Record, the leaked files contain the source code of the FIFA 21 soccer game, including tools to support the company’s server-side services” states The Record.

The hackers used stolen authentication cookies for an EA internal Slack channel that were bought in the Genesis black marketplace. Then the attackers tricked an EA IT support staffer into granting them access to the EA internal network.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, EA)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.