Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Search

Threat Actors Release 2022 Electronic Arts (EA) Employee Database

Pietro Melillo : 2 July 2024 09:00

Recently, a threat actor allegedly leaked a database containing information on Electronic Arts (EA) employees from 2022. The data breach was confirmed by the threat actor himself, who explained the reasons behind his decision to make the data public.

Currently, we are unable to accurately confirm the veracity of the breach, as no press release has been issued on the official website regarding the incident. Therefore, this article should be used as an “intelligence source.”

The Leaker’s Motives

The threat actor stated: “I recently noticed that a new burner account was created to try and sell this data breach, but it has already passed around hands (4-5 people). Since they are claiming they only want to sell it once to one buyer, I will leak it myself. I don’t know how this person got the database, but it was never meant to be for sale.”

Vorresti toccare con mano la Cybersecurity e la tecnologia? Iscriviti GRATIS ai WorkShop Hands-On della RHC Conference 2025 (Giovedì 8 maggio 2025)

Se sei un ragazzo delle scuole medie, superiori o frequenti l'università, oppure banalmente un curioso di qualsiasi età, il giorno giovedì 8 maggio 2025 presso il teatro Italia di Roma (a due passi dalla stazione termini e dalla metro B di Piazza Bologna), si terranno i workshop "hands-on", creati per far avvicinare i ragazzi alla sicurezza informatica e alla tecnologia. Questo anno i workshop saranno:

  • Creare Un Sistema Ai Di Visual Object Tracking (Hands on)
  • Social Engineering 2.0: Alla Scoperta Delle Minacce DeepFake
  • Doxing Con Langflow: Stiamo Costruendo La Fine Della Privacy?
  • Come Hackerare Un Sito WordPress (Hands on)
  • Il Cyberbullismo Tra Virtuale E Reale
  • Come Entrare Nel Dark Web In Sicurezza (Hands on)

  • Potete iscrivervi gratuitamente all'evento, che è stato creato per poter ispirare i ragazzi verso la sicurezza informatica e la tecnologia.
    Per ulteriori informazioni, scrivi a formazione@redhotcyber.com oppure su Whatsapp al 379 163 8765


    Supporta RHC attraverso:


    Ti piacciono gli articoli di Red Hot Cyber? Non aspettare oltre, iscriviti alla newsletter settimanale per non perdere nessun articolo.

    This statement highlights a certain degree of discontent towards the actions of third parties who were trying to monetize the breach. The actor further added: “I don’t feel like typing out details of the breach, so I am stealing info from another post.”

    The Compromised Data

    The leaked database contains a wide variety of sensitive information, divided into several files. Here is an overview of the compromised data:

    • 34,993 user records: including full name, work email, phone number, office location, and working groups.
    • 1,105 applications registered in Microsoft Active Directory: with URLs and configurations.
    • 64,243 groups
    • 8,073 contacts

    These files represent a goldmine of information for anyone looking to exploit the data for illegal activities, such as phishing or other forms of cyberattacks.

    At this time, we cannot precisely confirm the veracity of the breach, as the organization has not yet released any official press statement on its website regarding the incident. Therefore, this article should be considered an ‘intelligence source.’

    Conclusion

    The EA data breach serves as a serious wake-up call for all companies, highlighting the importance of adopting robust security measures to protect sensitive information. As EA deals with the consequences of this data leak, the entire industry must reflect on the need to strengthen its resilience against cyber threats.

    As is our practice, we always leave space for a statement from the company if they wish to provide us with updates on the matter. We would be pleased to publish such information with a specific article highlighting the issue.

    RHC Dark Lab will monitor the evolution of the situation to publish further news on the blog, should there be any substantial updates. If there are individuals with knowledge of the facts who wish to provide information anonymously, they can use the whistleblower’s encrypted email.

    Pietro Melillo
    Head of the Dark Lab group. A Computer Engineer specialised in Cyber Security with a deep passion for Hacking and technology, currently CISO of WURTH Italia, he was responsible for Cyber Threat Intelligence & Dark Web analysis services at IBM, carries out research and teaching activities on Cyber Threat Intelligence topics at the University of Sannio, as a Ph.D, author of scientific papers and development of tools to support cybersecurity activities. Leads the CTI Team "RHC DarkLab"