Hackers gained access to EA’s corporate network via Slack

A representative of the hackers told VICE's Motherboard they requested a multifactor authentication to EA's IT support and used it to access the publisher's corporate network.

EA lays off 350 employees
Image via Electronic Arts

The group of hackers who stole data from Electronic Arts yesterday told VICE’s Motherboard today that they tricked an EA employee into handing over a login token to the corporate network via Slack, a proprietary business communication platform.

A representative for the hackers told Motherboard they started the hacking process by purchasing stolen cookies that were being sold online for $10 and used those to gain access to one of EA’s Slack channels. A cookie is a simple computing file made of text that gets stored in web browsers and the information stored by cookies can be used to personalize someone’s experience when using a website. Cookies can also save the login details of particular users and potentially let hackers log into services as that person.

“Once inside the chat, we messaged a IT Support members we explain to them we lost our phone at a party last night,” the representative for the hackers told Motherboard. They requested a multifactor authentication to EA’s IT support so they could gain access to EA’s corporate network. The representative told Motherboard that this trick was successful twice.

When exploring EA’s network, the hackers found a service for EA developers for compiling games. They logged in and downloaded the game source code of FIFA 21 and tools for the Frostbite engine, which EA uses in several of its games. Yesterday, the hackers said they had stolen a total of 780 GBs of data, which they were trying to sell on underground hacking forums.

The representative for the hackers sent screengrabs to corroborate the steps of the hacking proccess, including the Slack logs, according to Motherboard. EA confirmed the contours of the description of the breach given by the hackers with Motherboard.

The hackers also got their hands on a series of documents that included an assortment of material on PlayStation VR, how EA creates the digital crowds for FIFA, and documents regarding AI in games. Sony, the owner of PlayStation, didn’t respond to Motherboard’s request for comment. Yesterday, EA gave a statement, confirming it suffered a data breach.

“We are investigating a recent incident of intrusion into our network where a limited amount of game source code and related tools were stolen,” an EA spokesperson told Motherboard yesterday. “No player data was accessed, and we have no reason to believe there is any risk to player privacy. Following the incident, we’ve already made security improvements and do not expect an impact on our games or our business. We are actively working with law enforcement officials and other experts as part of this ongoing criminal investigation.”