‘FIFA 22’ update: EA says ‘less than 50’ players were affected by recent account takeover hacks
The start of 2022 was quite rocky for EA Sports after the publisher faced a highly publicized security issue that led to some high-profile “FIFA 22” accounts being taken over by hackers. The video game company has now issued an update stating that “less than 50” accounts were affected by the incidents. But EA also noted it is implementing changes to its customer service and account verification processes in the hopes of avoiding a similar situation in the future.
In a statement on Tuesday, EA Sports confirmed that the unauthorized takeover of high-profile “FIFA 22” accounts was carried out through phishing techniques and “social engineering methods” that tricked the publisher’s customer service team. The issue dilemma made headlines last week after several known “FIFA 22” streamers and FIFA Ultimate Team traders were targeted by account takeover campaigns.
Reports from leading trader FUT Donkey and Mirror indicated that one of the methods used by the attackers was spamming the EA Help live chat service. Bad actors bombarded customer support staff with requests such as changing a linked email address on a targeted “FIFA 22” account.
Mirror reported that, in some cases, customer support reps approved such a crucial request after the attackers simply provided a Gamertag or PSN ID, which are details that are commonly known in the public. Email accounts are often used for multi-factor authentication functions. So once attackers successfully replace an affiliated email address, taking over a target account should not be that difficult.
“We’d like to apologize for the inconvenience and frustration that this has caused and that we were unable to share additional details in our original communication last week as we conducted a thorough investigation,” EA Sports wrote. The publisher said its EA Advisors and customer support individuals that assist with EA account requests are “receiving individualized re-training and additional team training” after the incident.
EA added that it has added more steps in verifying account ownership claims and will now require individuals in managerial posts to be the ones to approve all email change requests. The “FIFA 22” publisher admits its new measures could lead to longer wait times for customer support’s response. But the publisher said the changes are necessary to make sure player accounts are less likely to fall victim to similar attacks.