Game Over or Game on? 7 Times Video Game Companies Were Targeted by Cyber Criminals

Video games are an escape from real life. A countless number of people play to be immersed in a world filled with adventure and excitement. While it is fiction and you remain safe from the dragons or zombies you battle, dangers of the digital realm can be real. Video game companies are in a constant battle against their own threats. Cyber Criminals find their way into every industry, and the video game realm is not the exception.
Video Game data breach

There have been multiple occasions in which video game companies have been involved in cyber security incidents. While some aim to simply crash gaming servers, others aim to steal company secrets, property, and even player data. Cyber threats are extremely common in today’s world, and chances are you’ve either played or heard of games that have faced these challenges. The impact of these cyber security incidents can often be felt by gamers worldwide. Let’s explore some notable examples of video game companies who have grappled with cyber attacks and the measures taken to safeguard their players and platforms.

In 2021, hackers breached Electronic Arts, a major video game publisher, and stole source code used in their games, as confirmed by a spokesperson. The stolen data, totaling 780 gigabytes, includes the Frostbite engine, powering popular titles like FIFA, Madden, and Battlefield. The hackers claimed to have capabilities to exploit EA services and stole software development tools for FIFA 21 and server code for FIFA 22 matchmaking. Stolen source code might be replicated, sold on the dark web or used for creating game hacks.

Nintendo

In April 2020, individuals started complaining about money disappearing from their Nintendo accounts. Soon after, Nintendo disclosed a staggering breach of 300,000 user accounts, revealing that hackers exploited others’ Nintendo Network IDs without authorization. In addition to logging in to potentially play other users’ games, the hackers were also able to see individuals’ date of birth, country or region and email addresses. They could also access payment services linked to these accounts, including PayPal accounts or credit cards to buy items on Nintendo’s platform.

Riot Games

Riot Games recently faced a security breach where hackers infiltrated its internal systems, resulting in the loss of source code for its popular multiplayer title, League of Legends, along with another game, Team Fight Tactics (TFT), along with the computer code for an anti-cheat platform. The hackers demanded ransom from Riot Games to keep the stolen source code private, but the company publicly announced that they refused to comply. As a consequence, there’s a risk that the hackers may publicly leak or attempt to sell the stolen source code. While both games affected are free-to-play, the theft poses a threat due to potential exploitation by cheaters, who could use the source code to gain an advantage in gameplay. 

In 2020, WildWorks the developer of online children’s game “Animal Jam” confirmed that information of to up to 46 million players was stolen as a result of a cyberattack on a third-party server. This data included, email addresses, player usernames, encrypted passwords, birth years, gender records, precise birthdates, and some parents’ full names and billing addresses. However, no real names of children were compromised. They later advised users to change passwords promptly, remain vigilant for potential phishing attacks.

Naughty Dog

Footage of Naughty Dogs game “The Last Of Us Part ll” was leaked prior to its release in 2020.  The breach involved exploiting a security vulnerability in previous Naughty Dog games, allowing access to Amazon servers associated with The Last Of Us. Hackers obtained at least one terabyte of data from the server, including developer material for the upcoming game. Although the leaked footage included pivotal cutscenes and gameplay, it remains unclear if hackers acquired a playable build of the game. 

Capcom

Capcom, the well known Japanese game developer behind titles like Street Fighter, Resident Evil, and Monster Hunter, faced a server breach that resulted in the compromise of the personal information of nine employees and potentially up to 350,000 customers and business partners. The accessed data included names, addresses, birthdays, phone numbers, email addresses, and photos. This breach was found to be orchestrated by the Ragnor Locker hacker group, who used a ransomware attack to target the company’s network.

Activision Blizzard

Activision, a leading game publishing company known for fan favorites such as Call of Duty and Spyro acknowledged a data breach that occurred late 2022, although they downplayed its severity. The breach involved stolen data, including employee and game-related information, after an employee fell victim to a phishing attack. While Activision claims to have swiftly responded and resolved the breach, cyber security researchers suggest otherwise. Screenshots shared by vx-underground, a cyber security research group revealed sensitive employee details, such as full names, emails, phone numbers, salaries, places of work, addresses, etc.  contradicting Activision’s statement. 

The gaming industry hold some of the best technological experts in the world and still despite best efforts, sometimes these breaches are unavoidable. This is exactly why proactive measures are crucial. By implementing robust security protocols and contingency plans, companies can mitigate risks and protect both their platforms and players. While cyber attacks remain prevalent, preparation is key. With proactive measures in place, the gaming community can stay resilient in the face of adversity, ensuring that the game goes on.

About CATS Technology

CATS Technology is a complete technology solutions provider, dedicated to providing solutions that will streamline operations, enhance productivity and drive innovation for businesses of all sizes. Our professionally trained and certified IT experts empower our clients to leverage the full potential of their IT investments to stay ahead of today’s rapidly evolving digital landscape. 

Our Services

Related Posts

The Betrayal of the ‘Grandparent Scam’

When a loved one calls you in distress, fear for their safety overrides any thoughts of suspicion. In that moment, protecting your loved one becomes your sole focus, often leading to immediate and impulsive action. You may not take the time to stop and think, hmm this doesn’t sound like their voice. Unfortunately, it’s precisely this vulnerability that scammers exploit in a scam. They prey on the natural instinct to safeguard family, manipulating emotions to extract money or personal information. And their main target? Grandparents.

Read More

SMS Security 101: 2024’s Most Popular Text Scams

Ever get an urgent text compelling you to click a link or send information? These are classic examples of text scams, also known as “smishing scams.” The word smishing, derived from “SMS, or Short Message Service” has become increasingly prevalent in the recent years and involves scammers using text messages to deceive individuals into compromising their security. 

Read More

The Wire Fraud Epidemic: It’s Time to Get Defensive  

As the saying goes, “We know a thing or two because we have seen a thing or two.” In the past year alone, there has been a surge in the number of businesses falling victim to wire fraud. Many of these incidents occur because their emails have been left susceptible to email hacking. We are here to say… many of those incidents could have been prevented. Investing in proactive cyber security for your email systems is no longer an option, it is essential in mitigating against the cyber criminals that can potentially prey on your business. 

Read More