EA SPORTS has finally responded to the FIFA 22 account hack scandal which has seen some players lose millions of coins in Ultimate Team, apologizing for the breach in security.
The sports video game giant revealed the results of its internal investigation on January 11, following a week of pressure from the player base and media outlets.
In the report, they admitted that hackers took advantage of “human error” in their account takeovers.
The hackers used phishing and social engineering methods to “maliciously” take from other members of the community, an official statement reads.
EA respond to FIFA 22 account hacks
As a result, EA has confirmed that their staff will be re-trained to deal with these issues in the future, and meanwhile, will be contacting those affected in due course in a bid to restore their content.
The statement reads: “Over the last few weeks, we’ve been made aware of reports that high-profile player accounts are being targeted for takeover.
“Through our initial investigation, we can confirm that a number of accounts have been compromised via phishing techniques. Utilizing threats and other “social engineering” methods, individuals acting maliciously were able to exploit human error within our customer experience team and bypass two-factor authentication to gain access to other player accounts.”
Hundreds of messages flooded the Dexerto newsdesk in the first week of January, asking for media outlets to help the campaign for players to have their accounts restored to a pre-hack state.
However, EA claims the number of accounts hit by this security breach was far fewer than that.
“At this time, we estimate that less than 50 accounts have been taken over using this method. We are currently working to identify rightful account owners to restore access to their accounts, and the content within, and players affected should expect a response from our team shortly.
“Our investigation is ongoing as we thoroughly examine every claim of a suspicious email change request and report of a compromised account.”
EA set sights on improving security
For players, they will be wondering what happens next?
The developers have issued a clear plan for how they want to deal with the issue long-term, which includes the following:
New EA account administrative and technical safeguards
- All EA Advisors and individuals who assist with service of EA Accounts are receiving individualized re-training and additional team training, with a specific emphasis on account security practices and the phishing techniques used in this particular instance.
- We are implementing additional steps to the account ownership verification process, such as mandatory managerial approval for all email change requests.
- Our customer experience software will be updated to better identify suspicious activity, flag at-risk accounts, and further limit the potential for human error in the account update process.
To conclude, their statement says: “We’d like to apologize for the inconvenience and frustration that this has caused, and that we were unable to share additional details in our original communication last week as we conducted a thorough investigation. Thanks to the whole community for your patience as we continue to address the situation and take corrective actions.”