EA: 50 High-profile FIFA 22 Accounts Taken Over by Phishing Actors

Electronic Arts (EA) has published an official response to numerous reports about hacked player accounts, confirming the problem and attributing it to phishing actors.

As the notice explains, hackers used social engineering against EA’s customer experience team to bypass two-factor authentication and take over 50 player accounts.

FIFA 22 is a very popular football (soccer) simulation game featuring a multi-player mode where people can compete in real-time, trade in-game items, etc.

Also Read: 12 Benefits of Data Protection for Business Success

The gaming company has promised to restore rightful owners’ access to the compromised accounts and has also announced the following measures to prevent this from happening again in the future:

• All EA Advisors and individuals who assist with service of EA Accounts are receiving individualized re-training and additional team training, with a specific emphasis on account security practices and the phishing techniques used in this particular instance.
• Implementation of additional steps to the account ownership verification process, such as mandatory managerial approval for all email change requests.
• The customer experience software will be updated to better identify suspicious activity, flag at-risk accounts, and further limit the potential for human error in the account update process.

The above changes will inevitably make customer service more cumbersome and slow, but they will improve account security, something that the FIFA community has been complaining about for years.

“We’d like to apologize for the inconvenience and frustration that this has caused, and that we were unable to share additional details in our original communication last week as we conducted a thorough investigation.” concludes EA’s statement

High-profile accounts hacked

The accounts that were targeted by the phishing actors include those of real footballers like Valentin Rosier, professional streamers, and in-game currency traders.

Also Read: Privacy policy template important tips for your business

@EA_FIFA_France @EAFrance @EASPORTSFIFA
Je viens de me connecter à mon compte et je viens de voir que j’ai été hack. Donc ce qui veux dire que je n’ai plus rien et je n’ai plus accès à mon compte fifa. Un compte ou j’avais 60 million de crédit, un compte ou j’ai mis de l’argent

— Valentin Rosier (@VRosier19) January 7, 2022

Just got hacked boys, finally people can stop blaming me for the hacks xD

I plan to take legal action, they gave my account to a random person via the live chat, a clear breach of data protection laws

Was a fun ride, see u guys in 23 I guess❤️

— FUT Donkey (@FUTDonkey) January 5, 2022

These high-profile accounts have invested significant amounts of money in the game and use it as a source of income by monetizing their presence in that virtual space.

Some of the hacked account holders point out the possibility of EA’s staff giving away their personal data to the hackers, which would violate the GDPR, incurring fines up to 4% of EA’s annual turnover.

However, at this time, no data protection probes have been announced, and EA’s investigation on the incident is still ongoing, so the scope of the impact hasn’t been determined with certainty yet.

It is also worth noting that Bleeping Computer has seen reports of lower-tier FIFA 22 accounts having been hacked recently, so the number of accounts taken over by phishing actors may be much greater than 50.