Cybercriminals claim to have used Slack as part of the hack that saw them steal valuable source code from game publisher EA.
EA confirmed the breach in a statement last week, saying that a “limited amount” of source code for games was stolen. The hackers claim to access the source code for games including FIFA and the Frostbite game engine.
Vice has now reported that the hackers used Slack as a way in.
The publication quoted a “representative” of the group, who said they first gained access to an EA Slack channel by acquiring a stolen cookie for $10.
Once in the Slack channel, the group contacted IT support claiming to be an employee who had lost their phone. The hackers then succeeded in tricking the IT employee into giving them a multifactor authentication token, which gave them access to EA’s corporate network.
The group claim to have stolen 780gb of data from EA and are now advertising it for sale in underground forums online.
EA has stressed that no customer data has been stolen.
Following the incident, we’ve already made security improvements and do not expect an impact on our games or our business,” the publisher said.
“We are actively working with law enforcement officials and other experts as part of this ongoing criminal investigation.”
