You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Every Friday
GamesRadar+
Your weekly update on everything you could ever want to know about the games you already love, games we know you're going to love in the near future, and tales from the communities that surround them.
Every Thursday
GTA 6 O'clock
Our special GTA 6 newsletter, with breaking news, insider info, and rumor analysis from the award-winning GTA 6 O'clock experts.
Every Friday
Knowledge
From the creators of Edge: A weekly videogame industry newsletter with analysis from expert writers, guidance from professionals, and insight into what's on the horizon.
Every Thursday
The Setup
Hardware nerds unite, sign up to our free tech newsletter for a weekly digest of the hottest new tech, the latest gadgets on the test bench, and much more.
Every Wednesday
Switch 2 Spotlight
Sign up to our new Switch 2 newsletter, where we bring you the latest talking points on Nintendo's new console each week, bring you up to date on the news, and recommend what games to play.
Every Saturday
The Watchlist
Subscribe for a weekly digest of the movie and TV news that matters, direct to your inbox. From first-look trailers, interviews, reviews and explainers, we've got you covered.
Once a month
SFX
Get sneak previews, exclusive competitions and details of special events each month!
Electronic Arts has confirmed reports that a number of "high-profile" FIFA Ultimate Team accounts have been taken over by hackers, who were able to "exploit human error within our customer experience team" in order to bypass two-factor authentication.
The original takeover reports surfaced last week via Eurogamer, which noted that several top FUT traders had reported their accounts had been taken over and stripped of FIFA points and coins. According to the report, the attackers, using gamertags taken from FIFA leaderboards, were able to convince EA support staff that they were in fact the proper owners of the account. The reps then revealed the email addresses attached to the gamertag and reset the passwords on the accounts, enabling the attackers to log into the accounts and strip them.
Just got hacked boys, finally people can stop blaming me for the hacks xDI plan to take legal action, they gave my account to a random person via the live chat, a clear breach of data protection lawsWas a fun ride, see u guys in 23 I guess❤️January 5, 2022
This hacking thing has really pissed me off. I did a good comparison on stream todayIts like ive locked all my work tools to do my job in my work van. Only for the van company to go ahead and hand the keys to a random person on the street without informing meFumingJanuary 2, 2022
After investigating the claims, EA has now confirmed that it is responsible for the security failure.
"Through our initial investigation we can confirm that a number of accounts have been compromised via phishing techniques," EA wrote. "Utilizing threats and other 'social engineering' methods, individuals acting maliciously were able to exploit human error within our customer experience team and bypass two-factor authentication to gain access to other player accounts."
EA currently estimates that fewer than 50 accounts have been taken over in this fashion, and it is now working to figure out who the proper owners are, and to restore all stolen content. It also promised that steps will be taken to ensure this sort of thing is less likely to happen again in the future.
- All EA Advisors and individuals who assist with service of EA Accounts are receiving individualized re-training and additional team training, with a specific emphasis on account security practices and the phishing techniques used in this particular instance.
- We are implementing additional steps to the account ownership verification process, such as mandatory managerial approval for all email change requests.
- Our customer experience software will be updated to better identify suspicious activity, flag at-risk accounts, and further limit the potential for human error in the account update process.
It also warned that these new steps "could impact customer experience wait times"—make them longer, in other words—but added that they are necessary to ensure better account security.
The reaction to the changes amongst FUT fans on Reddit seems generally positive so far: Longer wait times for support requests isn't great, but neither is the idea that some smooth talker can make off with your account credentials if they connect with a sufficiently inattentive support rep. The situation isn't fully resolved yet, though.
"Really happy to see this, this SHOULD prevent future victims from getting hacked," FUT Donkey, whose account was hacked last week, tweeted. "Now my question is what are you gonna do for us who got hacked? I've not heard a single word from EA since I got hacked. Are we ever getting our coins back?"
And there may be repercussions beyond FUT itself: NickRTFM lauded the account security changes on Twitter but added that someone is now using his leaked personal details to apply for credit in his name.
pic.twitter.com/ALgTrmviceJanuary 11, 2022
