Top gaming companies hit by major data breach, one million employees affected
The stolen data can be found on the dark web
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Sensitive information pertaining to employees at some of the web’s most popular gaming companies is available to buy on the dark web, security researchers have discovered.
Kela Research, an Israeli cybersecurity firm, found more than 500,000 leaked credentials connected to employees at leading gaming companies.
Although Kela did not disclose the specific companies affected, it did reveal that it has been monitoring underground markets for more than two-and-a-half years now and that nearly every major gaming company was affected. The compromised credentials would give attackers access to a number of important internal resources, including admin panels and development-related projects.
“It’s important to note that we detected compromised accounts to internal resources of nearly every company in question,” Almog Zoosman and Victoria Kivilevich, two Kela researchers,explained. “These resources are meant to be used by employees, for example – Admin panels, VPNs, Jira instances, FTPs, SSOs, dev-related environments, and the list goes on and on. As seen in the examples below, with a payment of just a couple of dollars a potential attacker can have access to the core areas of a company’s network.”
Game on
The security researchers point out that there have been a number of high-profile ransomware attacks that have targeted gaming companies in recent times, with the likes ofCapcomand Ubisoft notable examples. However, many of the credentials available on the dark web predate these incidents, suggesting that the gaming sector has more deep-rooted security issues.
With online gaming more popular than ever, and with many gaming companies now having access to users’ financial information, it has become more important than ever that they take security seriously. Attackers will certainly use ever more sophisticated methods to steal sensitive information as the potential rewards increase. It is up to gaming firms to show they are up to the challenge.
ViaSilicon Angle
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services. After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.
Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics
This new phishing strategy utilizes GitHub comments to distribute malware
Professionals are facing “tech overload” as they try to juggle multiple devices in the workplace
