Cybersecurity and Gaming
Everyone loves a good video game every now and again. These vary in their genre and computing power. These games grasp and hold the player’s attention for hours upon hours. This has grown into such an industry, there are massive corporations creating and hosting these games, and also hosting the tournaments. One example is Electronic Arts (EA).
As part of its services, EA offers a tournament series. The subject here is EA’s FIFA 20 Global Series. To those unfamiliar with the group and game, this is a big deal. This is a $3M competitive circuit. This is a rather competitive tournament using the organizations’ FIFA 20 soccer-themed game and the focus. There just happened to be a minor issue with this. On October 3, 2019, right after the website used to sign people up was put online, the gamers noted immediately the other person’s private information was being leaked. EA inadvertently leaked approximately 1,600 user’s personal data, who previously entered the data with EA’s service.
What would happen is the gamer would enter their information and while entering their respective information, the gamers were shown other gamer’s data. Naturally, this created an issue as the gamer is not going to confirm other gamer’s information as to their own. The leaked data included the user/player’s ID, birthday, email address(es), and country of origin. While this is not a good thing, it could have been much worse. This is more embarrassing than an epic fail. Once the leak was discovered, the website was taken down, which took approximately 30 minutes. While this is much quicker than other companies, this still allowed for 1,600 user’s information to be leaked. This quick response was definitely a positive thing. If they would have been the victim of paralysis by analysis, this would have been much worse.
EA has apologized for their oversight, which is fair. At this point, no information or data was leaked which could be used for identity theft. This was, however, their oversight and a portion of the affected gamers are still displeased with EA.
Carpenter, N. (2019, October 4). EA data breach could impact 1,600 FIFA 20 players. Retrieved from https://www.polygon.com/2019/10/4/20898543/fifa-20-global-series-data-breach-ea-sports
Cimpanu, C. (2019, October 4). EA website snafu leaks data of 1,600 FIFA 20 pro gamers. Retrieved from https://www.zdnet.com/article/ea-website-snafu-leaks-data-of-1600-fifa-20-pro-gamers/
Lyles, T. (2019, October 4). EA discloses massive data breach affected thousands of competitive FIFA players. Retrieved from https://www.digitaltrends.com/gaming/ea-fifa-data-breach/
About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.