The hackers claimed to offer “full capability of exploiting on all EA services.” They also claimed to have stolen software development tools for FIFA 21 and server code for player matchmaking in FIFA 22.
Brett Callow, the cybersecurity expert and a threat analyst at Emsisoft, said losing control over source code could be problematic for EA’s business. “Source code could, theoretically, be copied by other developers or used to create hacks for games,” he said.
“Anytime source code gets leaked it’s not good,” said Ekram Ahmed, a spokesperson for the cybersecurity firm Check Point. “Hackers can comb through the code, identify deeper flaws for exploit, and sell that previous code on the dark web to malicious threat actors.”
Player data was not compromised in the breach, the EA spokesperson told CNN.
“We are investigating a recent incident of intrusion into our network where a limited amount of game source code and related tools were stolen,” the EA spokesperson said. “No player data was accessed, and we have no reason to believe there is any risk to player privacy. Following the incident, we’ve already made security improvements and do not expect an impact on our games or our business. We are actively working with law enforcement officials and other experts as part of this ongoing criminal investigation.”
The EA breach was not a ransomware attack, the spokesperson said.