The value of the EA recordsdata breach: $10 and moderately of social engineering

by

Facepalm: The hackers accountable for the latest recordsdata breach keen Digital Arts like divulged how they did the deed. A representative for the hacking group informed Motherboard they got the ball rolling by shopping stolen cookies on-line for fair $10. Ouch.

From there, the hackers were in a spot to utilize the cookies to succeed in access to a Slack channel worn by EA workers.

Once on Slack, one in every of the hackers messaged an EA IT improve member and outlined that they’d lost their phone at a celebration the evening earlier than. They were a hit in getting a multifactor authentication token that gave them access to EA’s company network (this apparently worked twice, the earn said).

With access to EA’s network, the hackers positioned a provider for builders compiling video games that they were in a spot to log into. Making a digital machine reportedly gave them worthy extra visibility on the network, allowing them to access every other provider and accumulate sport source code.

Motherboard said the earn offered screenshots to support up their account, including pictures of the Slack chats. When Motherboard reached out to EA, a earn “confirmed to Motherboard the contours of the description of the breach given by the hackers.”

Motherboard said the day earlier than this day that the hackers made away with roughly 780GB of recordsdata including the source code for FIFA 21 and code connected to the Frostbite engine.

Image credit score AkuAlip