Hackers Move to Extort Gaming Giant EA

After trying to sell a cache of stolen data, hackers are now dumping some of the information publicly in the hopes of forcing EA to pay a ransom.
July 14, 2021, 2:49am
EA gam
Image: Andreas Rentz/Getty Images
Screen Shot 2021-02-24 at 3
Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet.

The hackers who previously stole a wealth of data from gaming giant Electronic Artshave moved from trying to sell that data to now releasing parts of it publicly. In one message on a forum accompanying the data dump, the hackers say explicitly they are trying to extort EA as well.

Advertisement

"Few week ago we send email for ransome [sic] to EA but we dont get any response so we will posting the src [source]," one of the posts from the hackers reads. A compressed, 1.3GB cache the hackers released appears to include references to internal EA tools and the company's Origin store, according to a copy viewed by Motherboard.

"If they dont contact us or dont pay us we will keep posting it," the hackers threatened. The data they stole totals in at around 780GB, Motherboard previously reported. That data includes source code for the Frostbite engine, used in games such as Battlefield; internal development tools, and software development kits (SDKs). The hackers also provided Motherboard with screenshots that appear to show data related to The Sims.

Do you work at EA? Do you know anything else about this breach or another? We’d love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on jfcox@jabber.ccc.de, or email joseph.cox@vice.com.

In a statement on Tuesday, an EA spokesperson told Motherboard "We're aware of the recent posts by the alleged hackers and we are analyzing the files released. At this time, we continue to believe that it does not contain data that poses any concern to player privacy, and we have no reason to believe that there is any material risk to our games, our business or our players. We continue to work with federal law enforcement officials as part of this ongoing criminal investigation." EA added it has made security improvements in the wake of the incident.

In messages over the past few weeks to Motherboard, the hackers have repeatedly claimed they have sent ransom demands to EA. At the time, EA told Motherboard it had not received such a demand. The company now said it has faced an extortion threat.

At one point, the hackers asked Motherboard to directly deliver an extortion message to EA on their behalf. Motherboard declined to do so. Now, the hackers have publicly aired their extortion attempt themselves.

Motherboard previously reported that the hackers broke into EA by purchasing a Slack login token from an underground market. The hackers then moved through EA's network before finding the source code and other data.

Subscribe to our cybersecurity podcast, CYBER.