Cyberattacks are speeding up

Organizations have been a driving force behind cybersecurity awareness and training. It’s more important than ever to be up to date with cybersecurity knowledge so that attacks don’t happen on your watch. In these special edition newsletters, you’ll read about damaging attacks that happened in 2021 — and how employee actions changed the outcome.

The road to cybersecurity
Go slow and be suspicious!

This week, read about how the employees of Electronic Arts (EA) made a small but devastating mistake that caused harm to the company and allowed hackers to access their system.

Electronic Arts (EA) hack — Social engineering

The EA hack started when a hacker purchased a stolen cookie (a small text file used to identify your computer as you use a network). This allowed them access to EA’s Slack, a communication platform for organizations.

Once inside the organization’s communication channel, the hackers pretended to be an employee who had lost their phone. The IT department did not work slowly or take this communication as suspicious behavior. Instead, they gave information to the hackers and this information allowed the hackers to get into EA’s system. Over 700 GB of data was taken.

  • EA stated that no player information was taken and there was no risk to player privacy.
  • The hackers advertised game data for sale on underground forums. They stated that they would continue to leak information until they received a ransom.
  • What is social engineering? Social engineering is when a hacker impersonates someone to gain access into an organization’s system or even their physical space.