back to article EA Games rubbishes Pastebin breach claim

Electronic Arts has poured cold water on claims its users' accounts have been breached. News surfaced of a possible breach when a database of some 600 login records appeared on web clipboard Pastebin. The records, which included games purchased and personal identity information like birthdates were accurate for at least one …

  1. king of foo

    I did not...

    ....have sexual relations with that woman, Miss Lewinsky. I never told anybody to lie, not a single time; never. These allegations are false. And I need to go back to work for the American people. Thank you.

    Pinocchio's NOSE grew when he lied.

    Anyway, I thought EA's DRM rootkits were supposed to prevent the copying of data???

  2. David Bond

    yeah....

    EA would even know or admit it, accounts details appear to slip out somehow. I had an account, set it up years ago, but never really used it. I had a few games on it, but never used them and didn't have origin installed.

    Then after a couple of years get an email from origin, saying i have been warned for misconduct in one of my games, that I had never actually played, i emailed origin, got nothing back from them, so ignored it. Then about 6 months later got another email saying my password had been changed.

    The i contacted EA by phone got them to reset my password, everything was now in Russian, and had a few more games, then I enabled 2 factor (phone authenticated).

    My password was not a simple one, was random upper, lower, numerical and special and not used on other sites.

  3. Pascal Monett Silver badge

    I have been boycotting EA Games for a few years now

    Got fed up with the absolutely crap downloader, unbelievably medieval update (mis)management, and the last straw was EA Games banning me from installing a game I PAID FOR under the pretext that the key was invalid. But when you buy on their site, there is no key.

    I might log back and change my password though. I think I'll set it to EAGamesSucksBigHairyDonkeyBalls or somesuch.

    1. Vic

      Re: I have been boycotting EA Games for a few years now

      I might log back and change my password though. I think I'll set it to EAGamesSucksBigHairyDonkeyBalls

      You're supposed to use a password that isn't obvious...

      Vic.

    2. Adam 1 Silver badge

      Re: I have been boycotting EA Games for a few years now

      That's the password on my luggage.

  4. Anonymous Coward
    Thumb Down

    No sign of a breach?

    Then their intrusion detection is shit, or one of their admins needs dealing with.

  5. Anonymous Coward
    Anonymous Coward

    Funny that, I'm pretty sure blizzard haven't had a breach as well though why I keep receiving phishing emails about how I bought gold and my account is about to be suspended is a mystery.

    On the plus side it's already two factor authentication however how did my email get slurped?

  6. Anonymous Coward
    Anonymous Coward

    I had the exact same experience as the comment here by David Bond, I was 100% sure that Origin had been hacked as I hadnt used my Origin account for ages and my account details had all changed into russian. I'm an IT guy who is very security minded so its very unlikely I'm was hacked or keylogged as I'm very careful and this has never happened to me before. I contacted EA by phone which was a pain to get through to someone and I informed them that I'm pretty sure they've been hacked but they denied it. I searched my account login details on the web and they appeared on VK.com along with hundreds of other account details (this is a russian social network where I've noticed that basically anything goes including illegal content). Basically there was some sort of group on there sharing hacked Origin account details and I informed Origin of this but they seemed not to care at all. My account even had a real russian persons name on it which i searched and found him on facebook (the only person with that name) but i didnt bother contacting him as i thought it would probably just make me more of a target lol

  7. DrXym Silver badge

    To be fair to EA

    These could be people who've installed "aimbots" or other trojans aimed at gamers and found their details scraped off and collated somewhere. I guess if this pastebin is followed up with a larger leak then we'll know one way or another if its EA's fault or someone elses.

  8. Anonymous Coward
    Anonymous Coward

    If this really is of the order of 600 accounts stolen total

    Then it is far more likely the user rather than EA were hacked, so some kid got taken via social hacking or installed a keylogger, or the usual data theft from third world support

    If EA had been hacked directly then it would be thousands of accounts stolen that or the hackers have yet to release the full INFO flood.

    Personally I never shared my credit card details with EA because I don't trust them after I had dealings with their Indian support who clearly were collecting game keys for own use. If same 3rdWS agents have access to account details then 600 accounts would be about right, a little password reset on unused accounts before getting noticed would be about 600.

  9. Avatar of They
    FAIL

    Ea are well practiced for something that never happens.

    My email account got hacked, I was told by email change notification. They had also set up the 2 form factor mobile number to theirs so every attempt to change texted a code to the other person.

    EA's website was rubbish in finding out what to do as every lead put you into logging on with the same account that was hacked which sent a code to the mobile phone. OR asked me to go through forgotten the password links which had same effect.

    Eventually some random EA page on the support linked a human being who was very quick to realise what was going on. And voila.

    I had a Russian email address and an Italian mobile number on my systems.

    But the speed EA reset it all to me, suggests perhaps it was actually something well rehearsed and not an ad-hoc process.

    1. Matthew Brasier

      Re: Ea are well practiced for something that never happens.

      The fact that EA accounts are regularly compromised does not indicate that EA have been hacked, it indicates that people who play EA games have weak security.

      My experience is that often people set weak passwords on accounts that aren't thought to be important (it's just a game) and then forget to update them when they later add payment details to the account for in-game purchases etc.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019