Yesterday the massive data breach by Electronic Arts was announced (EA) which resulted in the theft of approximately 780 GB of data containing the source code of FIFA 21 and Frostbite.
Although the code is not (yet) available on the web, the hackers have published screenshots from the stolen content as proof of ownership of the code. Today, a new report on Motherboard sheds more light on how the attack was carried out.
Hackers claim they started by buying stolen cookies for $10 off the web. These cookies contained data joining an EA employee Slack channel. They were used for hackers to gain access to a Slack channel, masquerading as internal employees.
Then, now that they had access to EA's Slack channel, they contacted IT Support to request multiple tokens factors, stating "I lost my phone at a party last night." The tokens were issued and of course used to access EA's corporate network.
Once they entered the network, they discovered a service used by game developers.
They then created virtual machines on the server and gained access to the source code. Motherboard reports that a company spokesperson gave screenshots of Slack conversations and various other things to confirm how the hack was done.
In addition to the leaked source code, hackers gained access to documents related to PlayStation VR, AI in gameoh, and various other things.