Hackers leak full EA data after failed extortion attempt
Image: EA, The Record
Catalin Cimpanu July 31, 2021

Hackers leak full EA data after failed extortion attempt

Hackers leak full EA data after failed extortion attempt

  • Hackers leak 751GB of compressed EA data containing FIFA 21 source code.
  • Data dump comes from a hack that took place in June 2021.
  • EA says no player data was included in the stolen data, confirmed by the data leaked this week.

The hackers who breached Electronic Arts last month have released the entire cache of stolen data after failing to extort the company and later sell the stolen files to a third-party buyer.

The data, dumped on an underground cybercrime forum on Monday, July 26, is now being widely distributed on torrent sites.

According to a copy of the dump obtained by The Record, the leaked files contain the source code of the FIFA 21 soccer game, including tools to support the company’s server-side services.

How the EA breach took place

The existence of this leak was initially disclosed on June 10, when the hackers posted a thread on an underground hacking forum claiming to be in possession of EA data, which they were willing to sell for $28 million.

In an interview with Motherboard, the hackers claimed to have gained access to the data after buying authentication cookies for an EA internal Slack channel from a dark web marketplace called Genesis.

The hackers said they used the authentication cookies to mimick an already-logged-in EA employee’s account and access EA’s Slack channel and then trick an EA IT support staffer into granting them access to the company’s internal network.

From there, the hackers then proceeded to download more than 780GB of source code from the company’s internal code repositories.

While initially, the hackers hoped to earn a big payday from the EA hack, they failed to find any buyers on the underground market, as the stolen data was mostly source code that lacked any value for other cybercrime groups, most of which are interested in user personal or financial data primarily.

After failing to find a buyer, the hackers tried to extort EA, asking the company to pay an undisclosed sum and avoid having the data leaked online.

Initially, they released a cache of 1.3GB of FIFA source code on July 14, only to release the entire data two weeks later after EA shunned their threats.

In a statement sent to The Record after the release of the full data, EA confirmed that “no player data was accessed” during the hackers’ intrusion and the company has “no reason to believe there is any risk to player privacy” as a result of the leak.

“Following the incident, we’ve already made security improvements and do not expect an impact on our games or our business,” an EA spokesperson told The Record. “We are actively working with law enforcement officials and other experts as part of this ongoing criminal investigation.”

Screenshots from the leaked data are available below.

EA FIFA leak
Image: The Record
EA FIFA leak
Image: The Recor
EA FIFA leak
Image: The Record
EA FIFA leak
Image: The Record
EA FIFA leak
Image: The Record
EA FIFA leak
Image: The Record
EA FIFA leak
Image: The Record

Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.