Unknown attackers have breached and infiltrated the systems of Electronic Arts (EA) and made away with the source code from the publisher’s biggest game and proprietary engine, along with nearly 9 million user records.

During a threat intelligence operation, CyberNews researchers came across what appears to be a genuine underground market proposition for the source code of EA’s best-selling game FIFA 2021 and the Frostbite engine, which powers many of the publisher’s games. The source codes are being offered for sale along with other data stolen from EA, including a valid certificate that can be used for launching man-in-the-middle attacks on EA users.

Update: The post on the underground forum now appears to have been either removed or made private.

Sample of EA data being sold online: 

, Electronic Arts breach: FIFA 2021 and Frostbite source codes, 9 million user records stolen from EA and sold online

The seller appears to be a new player in the underground ecosystem, with no previous attempts at selling stolen data.

FIFA 2021 and Frostbite engine source codes, multiple SDKs sold by threat actors

According to the offer posted on the forum on June 6, the threat actors are selling 780GB worth of proprietary and confidential EA data for $28 million, which includes the following stolen and compromised artefacts:

  • Debug tools, SDKs, and API keys
  • FIFA 21 matchmaking server
  • FIFA 22 API keys, as well as SDK and debugging tools
  • Frostbite engine source code and debugging tools
  • Multiple proprietary EA games frameworks and SDKs
  • Xbox and Sony private SDK and API key
  • Xbox, PlayStation and EA PFX files and keys to SSL certificates

Sample screenshot of the sale offer on the hacker forum:

, Electronic Arts breach: FIFA 2021 and Frostbite source codes, 9 million user records stolen from EA and sold online

9 million FIFA 2021 user records included in the offer

The offer also appears to include personal details of 8,938,550 active FIFA 2021 players from September 30, 2020. 

While the bulk of EA’s confidential data will likely be offered to one of the publisher’s competitors for tens of millions of dollars, the 9 million user records sold by the post author could be purchased by individual threat actors. 

Sample screenshot of the sale offer on the hacker forum:

, Electronic Arts breach: FIFA 2021 and Frostbite source codes, 9 million user records stolen from EA and sold online

As such, there’s a high probability that whoever buys the stolen data could easily launch a variety of social engineering and spear-phishing attack campaigns against EA users for the purpose of harvesting personal and sensitive information.

According to EA, however, no player data has been accessed by unauthorized actors as of yet, and the company does not believe there is any risk to the players’ privacy.

“We are investigating a recent incident of intrusion into our network where a limited amount of game source code and related tools were stolen,”

an EA spokesperson told Vice’s Motherboard in a statement. 

“Following the incident, we’ve already made security improvements and do not expect an impact on our games or our business. We are actively working with law enforcement officials and other experts as part of this ongoing criminal investigation.”

How to secure your EA account

Regardless of whether the post author has already found buyers for the stolen user data or not, if you’re a FIFA 2021 player or have an EA.com account, it is recommended that you take the following steps to secure your accounts: 

  • Immediately change your password and enable EA’s two-factor authentication feature. Make sure to create a strong password for your account. You can easily generate complex passwords with our strong password generator or consider using a password manager.
  • Watch out for incoming spam emails, unsolicited texts, and phishing messages. Don’t click on anything that seems suspicious, including emails and texts from senders you don’t recognize.

More from CyberNews:

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

Protect yourself online with best VPN services in 2021

Analysis: online scam cost victims over $9 million in 2020

Cyberpunk 2077 maker CD Projekt Red has GWENT source code leaked after ransomware attack

The rise of makeshift ransomware: what is Epsilon Red and should you worry about it?

Host your website online securely with best web hosting services in 2021

Subscribe to our newsletter