According to reports, more than 500.000 Activision accounts may have been compromised. The eSports Dexerto website reported that a data breach occurred on Sunday, September 20th.
The credentials to access these accounts, Dexerto reports, were leaked publicly and changed the data of the accounts to avoid easy recovery by the rightful owners.
The accounts are mainly used by players of the hugely popular Call of Duty franchise. Several eSports Twitter accounts have also reported the data breach. The first was Okami, founder of Respawnable, who tweeted "It's valid", adding that players should change their passwords immediately access of their account.
However, an Activision spokesman issued the following statement on 22 September:
Activision Call of Duty accounts have not been hacked. Reports to the contrary are not accurate. We investigate all privacy issues. As always, we recommend that players take precautions to protect their accounts at all times. Visit the page supports for more information, including a helpful series of tips and step-by-step instructions.
You can find these instructions here.
Activision's advice is comprehensive, but most importantly, you need to enable 2FA to protect an account. The reason is that there is no option in Activision accounts.
Dean Ferrando, chief systems engineer (EMEA) at Tripwire, said such breached accounts provide "a goldmine for malicious users who plan to carry out further attacks, whether it is online fishing or not."
