After reports broke yesterday about a whopping 780GB of data being swiped from the gaming giant Electronic Arts (EA), we already know how the heist was pulled off, at least according to the hackers¨ telling.


A ^representative for the hackers ̄ told Motherboard on Friday that the scheme was actually pretty simple: They allegedly started by buying stolen cookies online for $10 each, and then used those to get access to one of EA¨s corporate Slack channels. Apparently, EA¨s Slack etiquette isn¨t the most secure!we¨ve previously seen researchers discover a former engineer for the company leaving the names of EA¨s corporate Slack channels in a public code repo. Whether that early 2020 incident played a role here is still unknown.

Per Motherboard, the next step was messaging EA¨s IT support team to pretend that the hackers had ^lost [their] phone at a party last night, ̄ before asking the staffer for a multi-factor authentication token. Once they had their hands on that token, the hackers¨ rep said, they were able to walk right into EA¨s corporate network, which led them to the hub where some of EA¨s developers compile their games. Pretty soon, the fraudsters were downloading material for the Playstation VR, internal documents on AI in gaming, and some documents on how EA ^creates digital crowds in the FIFA games. ̄

Meanwhile, EA reps previously confirmed to Gizmodo that the hack started and ended with this trove of data, which also reportedly included the source code for the company¨s game engine, FrostBite. ^No player data was accessed, and we have no reason to believe there is any risk to player privacy, ̄ the spokesperson said, noting that the company has ^already made security improvements ̄ in response to the hack. Hopefully one of those buffs makes their Slack channels a bit less hackable.

    copyright@HK Information|Beijing icp keep on record 05000846number
HK Information