Meh, I have gotten so many emails & letters saying my info may have been compromised during a data breach that I have gone from panicking to 🤷🏼♀️ Whatever.
You start to disbelieve them when they ask you for your personal details so that they can keep you safe! If they start doing that you should report them to a Fraud site in whatever country you are in.
There is a site to check on whether you might be compromised for emails and passwords. An old one I had was compromised a long time ago. I never leave my debit card saved anywhere now. An online shop lately did a check-up to see if I was who I said I was, so the well run sites are checking on this.
I don’t save my debit card on sites anymore either and I try to keep my data safe, but the fact is once you give information to a company it’s incumbent upon them to keep it safe and too many don’t. AT&T sent me a letter saying my info had been breached, as has Blue Cross, my cable company, my local hospital, and the grocery store I frequent most because they had all been hacked at some point in time. I pretty much assume at this point that info about me is out their floating about now and there’s really nothing I can do about it.
Meh, I have gotten so many emails & letters saying my info may have been compromised during a data breach that I have gone from panicking to 🤷🏼♀️ Whatever.
You start to disbelieve them when they ask you for your personal details so that they can keep you safe! If they start doing that you should report them to a Fraud site in whatever country you are in.
There is a site to check on whether you might be compromised for emails and passwords. An old one I had was compromised a long time ago. I never leave my debit card saved anywhere now. An online shop lately did a check-up to see if I was who I said I was, so the well run sites are checking on this.
I don’t save my debit card on sites anymore either and I try to keep my data safe, but the fact is once you give information to a company it’s incumbent upon them to keep it safe and too many don’t. AT&T sent me a letter saying my info had been breached, as has Blue Cross, my cable company, my local hospital, and the grocery store I frequent most because they had all been hacked at some point in time. I pretty much assume at this point that info about me is out their floating about now and there’s really nothing I can do about it.
But this is not about individuals and how they handle such events, the main focus is on the EA hack and how it could affect the company and its players. The problem isn't about player data being compromised - it's about the affected games being played. For example, the Frostbite source code is stolen and quite a lot of important keys. The hackers also said that with this stuff, an unethical person can exploit on all EA servers.
For me personally and many others, now we're wary to buy Battlefield 2042. It is made with the Frostbite engine as are many EA games. Here are couple of videos about the implications of the resources being hacked and stolen. The implications are ENORMOUS:
So if you watch the videos, one of the implications is that hackers could develop and sell mods and hacks for it before release. Battlefield 2042 is the first Battlefield game with no single-player campaign as all the previous ones had - it is completely multiplayer. Which means if mods/hacks are already released, people who want to play the multiplayer game fair and square will get massacred right from the start by the cheaters with the aim-bots and other hack enhancements. And this is just the effect on one game built with Frostbite. There will be other issues with all their other games built in that Frostbite game engine.
What I would like to see is what EA will do to counter those issues. I don't want them sweeping this under the rug, hoping it will all go away and not do anything about it.
Who pays 28 million USD just to be able to hack some games? Must be really important to win at FIFA or something.
Yeah, some of those FIFA gamers are really obsessive to win their games! I think whoever buys the source code could stand to make a lot of money from reading through the source code and creating hacks from it. The source code for example would show what the true percentages are for acquiring the more valuable loot boxes, so the modder can produce programs to improve the likelihood of getting those more valuable assets. Also check for vulnerabilities in the game that they can take advantage of somehow. Or even just to copy the coding technology for their own games. I can imagine some of the Frostbite engine would be interesting to other game developers.
I can see how it would be interesting to other game developers, but then wouldn't it be possible to tell if they used stolen EA source code in their product? As for hacks and loot boxes, well I imagine if someone pays 28 million USD just to hack and win some lootboxes, they must have 28 million to waste. There is no profit in that unless they somehow sell the hacks to players or something.
Who pays 28 million USD just to be able to hack some games? Must be really important to win at FIFA or something.
Yeah, some of those FIFA gamers are really obsessive to win their games! I think whoever buys the source code could stand to make a lot of money from reading through the source code and creating hacks from it. The source code for example would show what the true percentages are for acquiring the more valuable loot boxes, so the modder can produce programs to improve the likelihood of getting those more valuable assets. Also check for vulnerabilities in the game that they can take advantage of somehow. Or even just to copy the coding technology for their own games. I can imagine some of the Frostbite engine would be interesting to other game developers.
I can see how it would be interesting to other game developers, but then wouldn't it be possible to tell if they used stolen EA source code in their product? As for hacks and loot boxes, well I imagine if someone pays 28 million USD just to hack and win some lootboxes, they must have 28 million to waste. There is no profit in that unless they somehow sell the hacks to players or something.
They can make money chopping up the code into smaller pieces to sell to more than just one buyer. And yes, the hacks they can create from finding vulnerabilities in the code will be lucrative. And it doesn't have to be one developer - a whole group can purchase the package.
Who pays 28 million USD just to be able to hack some games? Must be really important to win at FIFA or something.
Yeah, some of those FIFA gamers are really obsessive to win their games! I think whoever buys the source code could stand to make a lot of money from reading through the source code and creating hacks from it. The source code for example would show what the true percentages are for acquiring the more valuable loot boxes, so the modder can produce programs to improve the likelihood of getting those more valuable assets. Also check for vulnerabilities in the game that they can take advantage of somehow. Or even just to copy the coding technology for their own games. I can imagine some of the Frostbite engine would be interesting to other game developers.
I can see how it would be interesting to other game developers, but then wouldn't it be possible to tell if they used stolen EA source code in their product? As for hacks and loot boxes, well I imagine if someone pays 28 million USD just to hack and win some lootboxes, they must have 28 million to waste. There is no profit in that unless they somehow sell the hacks to players or something.
It's expensive to make videogames and you would not want to risk losing it all because you used stolen code so I don't think any game developer would do that.
It can be lucrative to make hacks for online multiplayer games but 28 million? Whoever ends up buying that must have a lot of money to spare.
Meh, I have gotten so many emails & letters saying my info may have been compromised during a data breach that I have gone from panicking to 🤷🏼♀️ Whatever.
You start to disbelieve them when they ask you for your personal details so that they can keep you safe! If they start doing that you should report them to a Fraud site in whatever country you are in.
There is a site to check on whether you might be compromised for emails and passwords. An old one I had was compromised a long time ago. I never leave my debit card saved anywhere now. An online shop lately did a check-up to see if I was who I said I was, so the well run sites are checking on this.
I don’t save my debit card on sites anymore either and I try to keep my data safe, but the fact is once you give information to a company it’s incumbent upon them to keep it safe and too many don’t. AT&T sent me a letter saying my info had been breached, as has Blue Cross, my cable company, my local hospital, and the grocery store I frequent most because they had all been hacked at some point in time. I pretty much assume at this point that info about me is out their floating about now and there’s really nothing I can do about it.
You are quite correct, even the most security conscious individual makes the same mistake if it's by 2FA, or VPN any other service or feature, you are using their terms of service and their software and thus you lost your privacy as they have your data. It doesn't matter how the data is handled, it won't take much to find a vulnerability in some other third party advertising site that has a copy of your data or weak security (like this breach with EA) and dump all that data on the dark web in forums where personal information on people are shared and sold.
The only sure fire way to avoid losing your data is by staying off the internet altogether and preferably never accessing it at any point in your life, but the problem with that is that security features on a lot of things these days are heavily reiant on the use of the internet and then data is collected. it's a no-win scenario trying to keep your privacy when the very features you use is collecting data on you and the very security you trust is a security risk in itself.
So if you watch the videos, one of the implications is that hackers could develop and sell mods and hacks for it before release. Battlefield 2042 is the first Battlefield game with no single-player campaign as all the previous ones had - it is completely multiplayer. Which means if mods/hacks are already released, people who want to play the multiplayer game fair and square will get massacred right from the start by the cheaters with the aim-bots and other hack enhancements. And this is just the effect on one game built with Frostbite. There will be other issues with all their other games built in that Frostbite game engine.
What I would like to see is what EA will do to counter those issues. I don't want them sweeping this under the rug, hoping it will all go away and not do anything about it.
EA will likely review their security, but it is unlikely to be a major change. the issue started with these hackers knowing where EA staff frequent, meaning EA needs to hide those details and make sure they are kept off any radar.
The second thing is that the apparent person joining in wasn't immediately challenged at the gates as it were, there is no internal security to filter out the wolf in sheeps clothing. so it's apparent security measures are needed and something only EA employees would know about and how to access. a face to face image can be intercepted, remember nothing is hack proof these days and deep fakes also exist. What those security changes are is something we won't find out about just to make sure EA are a lot more secure in their new security.
The way the hacker asked for and gotten details and data on account security from ea staffers is something that is almost certainly going to be looked at internally and how that is going to be handled in the future, since not only was that the last line of defence but it was too easy to get.
the fourth step with access to the source code, there most certainly should be some security put around that. it was like the hacker entered a museum and the only thing protecting the valuables is a typical glass case, something that can be easily cut into quietly and stolen. time to invest in heat sensors, motion detectors, security cameras and so forth.
Who pays 28 million USD just to be able to hack some games? Must be really important to win at FIFA or something.
Yeah, some of those FIFA gamers are really obsessive to win their games! I think whoever buys the source code could stand to make a lot of money from reading through the source code and creating hacks from it. The source code for example would show what the true percentages are for acquiring the more valuable loot boxes, so the modder can produce programs to improve the likelihood of getting those more valuable assets. Also check for vulnerabilities in the game that they can take advantage of somehow. Or even just to copy the coding technology for their own games. I can imagine some of the Frostbite engine would be interesting to other game developers.
I can see how it would be interesting to other game developers, but then wouldn't it be possible to tell if they used stolen EA source code in their product? As for hacks and loot boxes, well I imagine if someone pays 28 million USD just to hack and win some lootboxes, they must have 28 million to waste. There is no profit in that unless they somehow sell the hacks to players or something.
No immediate profits, but after running scams and manipulating users with digital items and so forth for a year or so, that $28 million could be easily bridged and surpassed, as the saying goes: fools and their money part easily. These types of people bank on that weakness every time and more often than not they get what they want because people do not look at what they are doing and what is right under their nose, that is until someone leads them by their nose to it when challenged by the said ignorant user (which is often annoying to watch or be part of when the user in question should know better).
EA will likely review their security, but it is unlikely to be a major change. the issue started with these hackers knowing where EA staff frequent, meaning EA needs to hide those details and make sure they are kept off any radar.
The second thing is that the apparent person joining in wasn't immediately challenged at the gates as it were, there is no internal security to filter out the wolf in sheeps clothing. so it's apparent security measures are needed and something only EA employees would know about and how to access. a face to face image can be intercepted, remember nothing is hack proof these days and deep fakes also exist. What those security changes are is something we won't find out about just to make sure EA are a lot more secure in their new security.
The way the hacker asked for and gotten details and data on account security from ea staffers is something that is almost certainly going to be looked at internally and how that is going to be handled in the future, since not only was that the last line of defence but it was too easy to get.
the fourth step with access to the source code, there most certainly should be some security put around that. it was like the hacker entered a museum and the only thing protecting the valuables is a typical glass case, something that can be easily cut into quietly and stolen. time to invest in heat sensors, motion detectors, security cameras and so forth.
Who pays 28 million USD just to be able to hack some games? Must be really important to win at FIFA or something.
Yeah, some of those FIFA gamers are really obsessive to win their games! I think whoever buys the source code could stand to make a lot of money from reading through the source code and creating hacks from it. The source code for example would show what the true percentages are for acquiring the more valuable loot boxes, so the modder can produce programs to improve the likelihood of getting those more valuable assets. Also check for vulnerabilities in the game that they can take advantage of somehow. Or even just to copy the coding technology for their own games. I can imagine some of the Frostbite engine would be interesting to other game developers.
I can see how it would be interesting to other game developers, but then wouldn't it be possible to tell if they used stolen EA source code in their product? As for hacks and loot boxes, well I imagine if someone pays 28 million USD just to hack and win some lootboxes, they must have 28 million to waste. There is no profit in that unless they somehow sell the hacks to players or something.
No immediate profits, but after running scams and manipulating users with digital items and so forth for a year or so, that $28 million could be easily bridged and surpassed, as the saying goes: fools and their money part easily. These types of people bank on that weakness every time and more often than not they get what they want because people do not look at what they are doing and what is right under their nose, that is until someone leads them by their nose to it when challenged by the said ignorant user (which is often annoying to watch or be part of when the user in question should know better).
I really appreciate your post a lot as it is the only post that isn't downplaying the situation, but further explaining the fall out from this. I just want EA to truly make their data, sources/resources, and games more secure and let us know that without going into major specifics.
For security methods, I had already suggested that they put in place a live video identification of their employees for IT support to check against. But I'm also thinking that to back up that verification of the employee who may have loss access to their network and are asking for a multifactor authentication token, the boss of that employee would also need to be live to say, "yes, this employee really does work for EA" (also as a way to be notified that their employee has somehow lost an important security item and to berate that employee later and perhaps write them up in their employee profile - a way to decrease losing those important mechanisms by being much more careful). IT support should also be made to become familiar with how the employees look, especially the bosses of each department or work group.
In terms of impact on EA games, I'm really interested in Battlefront 2042 for example, but I really don't know yet the ramifications of this breach on the game, plus any future games made with Frostbite. So I'm going to wait - years if I have to - until I know it's genuinely safe and fair to buy and play this game (because I'm not into buying hacks to cheat and it's not fun to get insta-killed constantly by gamers with those cheats and unfair advantages). I also had Battlefield 3 & 4, and Star Wars Battlefront II installed, but I have since uninstalled them when I read about how easy the breach was simply because I don't know what might happen with them.
Just don't download so called "Free" games off the internet. There's a Crackonosh hack in some of them to gain control. They could be in Fifa games too.
"Gamers are being duped into helping hackers become rich, after downloading games laced with hidden malware. Versions of Grand Theft Auto V, NBA 2K19, and Pro Evolution Soccer 2018 are being given away free in forums...."
Just don't download so called "Free" games off the internet. There's a Crackonosh hack in some of them to gain control. They could be in Fifa games too.
"Gamers are being duped into helping hackers become rich, after downloading games laced with hidden malware. Versions of Grand Theft Auto V, NBA 2K19, and Pro Evolution Soccer 2018 are being given away free in forums...."
Good post. I always wondered what the "catch" was if a game is totally free like those abandonware games. Also free apps or game apps for tablets. Makes me wonder how those free stuff benefit the devs or the uploader of those games if they're not being paid in any way for them (direct pay or ads).
Comments
I don’t save my debit card on sites anymore either and I try to keep my data safe, but the fact is once you give information to a company it’s incumbent upon them to keep it safe and too many don’t. AT&T sent me a letter saying my info had been breached, as has Blue Cross, my cable company, my local hospital, and the grocery store I frequent most because they had all been hacked at some point in time. I pretty much assume at this point that info about me is out their floating about now and there’s really nothing I can do about it.
But this is not about individuals and how they handle such events, the main focus is on the EA hack and how it could affect the company and its players. The problem isn't about player data being compromised - it's about the affected games being played. For example, the Frostbite source code is stolen and quite a lot of important keys. The hackers also said that with this stuff, an unethical person can exploit on all EA servers.
For me personally and many others, now we're wary to buy Battlefield 2042. It is made with the Frostbite engine as are many EA games. Here are couple of videos about the implications of the resources being hacked and stolen. The implications are ENORMOUS:
EA Hacked!! Will Battlefield 2042 have Hacks on Launch Day?
So if you watch the videos, one of the implications is that hackers could develop and sell mods and hacks for it before release. Battlefield 2042 is the first Battlefield game with no single-player campaign as all the previous ones had - it is completely multiplayer. Which means if mods/hacks are already released, people who want to play the multiplayer game fair and square will get massacred right from the start by the cheaters with the aim-bots and other hack enhancements. And this is just the effect on one game built with Frostbite. There will be other issues with all their other games built in that Frostbite game engine.
What I would like to see is what EA will do to counter those issues. I don't want them sweeping this under the rug, hoping it will all go away and not do anything about it.
I can see how it would be interesting to other game developers, but then wouldn't it be possible to tell if they used stolen EA source code in their product? As for hacks and loot boxes, well I imagine if someone pays 28 million USD just to hack and win some lootboxes, they must have 28 million to waste. There is no profit in that unless they somehow sell the hacks to players or something.
They can make money chopping up the code into smaller pieces to sell to more than just one buyer. And yes, the hacks they can create from finding vulnerabilities in the code will be lucrative. And it doesn't have to be one developer - a whole group can purchase the package.
It's expensive to make videogames and you would not want to risk losing it all because you used stolen code so I don't think any game developer would do that.
It can be lucrative to make hacks for online multiplayer games but 28 million? Whoever ends up buying that must have a lot of money to spare.
You are quite correct, even the most security conscious individual makes the same mistake if it's by 2FA, or VPN any other service or feature, you are using their terms of service and their software and thus you lost your privacy as they have your data. It doesn't matter how the data is handled, it won't take much to find a vulnerability in some other third party advertising site that has a copy of your data or weak security (like this breach with EA) and dump all that data on the dark web in forums where personal information on people are shared and sold.
The only sure fire way to avoid losing your data is by staying off the internet altogether and preferably never accessing it at any point in your life, but the problem with that is that security features on a lot of things these days are heavily reiant on the use of the internet and then data is collected. it's a no-win scenario trying to keep your privacy when the very features you use is collecting data on you and the very security you trust is a security risk in itself.
EA will likely review their security, but it is unlikely to be a major change. the issue started with these hackers knowing where EA staff frequent, meaning EA needs to hide those details and make sure they are kept off any radar.
The second thing is that the apparent person joining in wasn't immediately challenged at the gates as it were, there is no internal security to filter out the wolf in sheeps clothing. so it's apparent security measures are needed and something only EA employees would know about and how to access. a face to face image can be intercepted, remember nothing is hack proof these days and deep fakes also exist. What those security changes are is something we won't find out about just to make sure EA are a lot more secure in their new security.
The way the hacker asked for and gotten details and data on account security from ea staffers is something that is almost certainly going to be looked at internally and how that is going to be handled in the future, since not only was that the last line of defence but it was too easy to get.
the fourth step with access to the source code, there most certainly should be some security put around that. it was like the hacker entered a museum and the only thing protecting the valuables is a typical glass case, something that can be easily cut into quietly and stolen. time to invest in heat sensors, motion detectors, security cameras and so forth.
No immediate profits, but after running scams and manipulating users with digital items and so forth for a year or so, that $28 million could be easily bridged and surpassed, as the saying goes: fools and their money part easily. These types of people bank on that weakness every time and more often than not they get what they want because people do not look at what they are doing and what is right under their nose, that is until someone leads them by their nose to it when challenged by the said ignorant user (which is often annoying to watch or be part of when the user in question should know better).
I really appreciate your post a lot as it is the only post that isn't downplaying the situation, but further explaining the fall out from this. I just want EA to truly make their data, sources/resources, and games more secure and let us know that without going into major specifics.
For security methods, I had already suggested that they put in place a live video identification of their employees for IT support to check against. But I'm also thinking that to back up that verification of the employee who may have loss access to their network and are asking for a multifactor authentication token, the boss of that employee would also need to be live to say, "yes, this employee really does work for EA" (also as a way to be notified that their employee has somehow lost an important security item and to berate that employee later and perhaps write them up in their employee profile - a way to decrease losing those important mechanisms by being much more careful). IT support should also be made to become familiar with how the employees look, especially the bosses of each department or work group.
In terms of impact on EA games, I'm really interested in Battlefront 2042 for example, but I really don't know yet the ramifications of this breach on the game, plus any future games made with Frostbite. So I'm going to wait - years if I have to - until I know it's genuinely safe and fair to buy and play this game (because I'm not into buying hacks to cheat and it's not fun to get insta-killed constantly by gamers with those cheats and unfair advantages). I also had Battlefield 3 & 4, and Star Wars Battlefront II installed, but I have since uninstalled them when I read about how easy the breach was simply because I don't know what might happen with them.
"Gamers are being duped into helping hackers become rich, after downloading games laced with hidden malware. Versions of Grand Theft Auto V, NBA 2K19, and Pro Evolution Soccer 2018 are being given away free in forums...."
https://www.bbc.co.uk/news/technology-57601631
Good post. I always wondered what the "catch" was if a game is totally free like those abandonware games. Also free apps or game apps for tablets. Makes me wonder how those free stuff benefit the devs or the uploader of those games if they're not being paid in any way for them (direct pay or ads).