• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

Epic Games (Allegedly) Hacked in Ransomware Attack

adamsapple

Or is it just one of Phil's balls in my throat?

A relative newcomer to the ransomware scene is claiming to have successfully hacked game developer and distributor Epic Games.

The Mogilevich gang made the claim overnight, posting the details of the apparent hack on its darknet leak site.

“We have quietly carried out an attack to [sic] Epic Games’ servers,” a Mogilevich spokesperson said.

The gang claims to have 189 gigabytes of data, including “email, passwords, full name, payment information, source code and many other data”. The data is currently listed as up for sale.

“If you are an employee of the company or someone who would like to buy the data, click on me,” a hyperlink on the site said. The link leads to the group’s contact page, where a Tox messaging address can be found.

Mogilevich has not asked for a specific dollar figure for the data, and the current deadline for Epic Games to pay – or for someone else to purchase the data outright – is 4 March. Nor has it posted any proof-of-hack material, as Rhysida did with last year’s Insomniac Games hack.
 

ManaByte

Gold Member
“email, passwords, full name, payment information, source code and many other data”

If true, this is going to be the biggest lawsuit in the history of the industry. Fortnite.
 

Barakov

Member
Oh no....
SI2Rucl.jpg
 

Wildebeest

Member
Where are all you "it's just another launcher" guys at now?

hope it's a nothingburger and no GAFers are affected
Sadly, hacking seems to be on the rise. What can you do, other than go off the grid and live in a remote shack or something.
 

pqueue

Member
NO!!!!!!!!

They are going to steal all my weekly free games that I will never play!!!!!!!!!!! And now I won't be able to even if I wanted to!!!!!!!
 

pqueue

Member
My basic information was there too. But I am smart enough to not let Epic Games have my payment information.
 

SJRB

Gold Member
There's no way that sensitive information is not encrypted.

Still blows that this happened though.
 

nani17

are in a big trouble
OMG, they have my.....wait I only signed up to get the free games they don't have my pay details. Those bastards are trying to steal my free games I never play :messenger_pouting:
 
Hey, I never used epic and never had an epic account so I'm safe this time. Hope this ends up being nothing but I'd change my password, set 2fa if I were you guys. This is big if true. Godspeed to all users.
 

ManaByte

Gold Member
OMG, they have my.....wait I only signed up to get the free games they don't have my pay details. Those bastards are trying to steal my free games I never play :messenger_pouting:
300 million people (the population of the US) may have had their information stolen and people are making shitposts.
 
NO!!!!!!!!

They are going to steal all my weekly free games that I will never play!!!!!!!!!!! And now I won't be able to even if I wanted to!!!!!!!

My basic information was there too. But I am smart enough to not let Epic Games have my payment information.

Wow, talk about “the world revolves around me and only me, I can do no wrong, and I’m the only one on Earth who is always right…everyone else is stupid” personality disorder.
 
Last edited:

calistan

Member
It's not the first time for Epic. They had a security 'lapse' in 2018, and I got flooded with spam emails shortly after that. I asked them to delete my account, since it was only created for the Fortnite beta, but they never replied (probably their customer service address had been hacked too).
 

Neilg

Member
If anyone has ever worked directly at or as a contractor for epic you'll know how wild this is. Their security is the most anal, convoluted process going, and multiple times when I was told that things have to be this way because they run a tight ship as epic likes to keep things ultra secure, but it's to the point where the hoops they're making employees jump through will cause a significant drop in security as people try to streamline their experience.
I'm willing to bet this hack was some basic social engineering on someone with a high level admin account...
 
Last edited:
Depends how they encrypted it. Lots of companies still don’t salt their hashes.

I hope that's not the case. Talk about noob city if it were. I've never had any payment information on file with them, but yikes if they kept that kind of data around in a readable format.
 
I think I bought a game 3 years ago on there which I refunded because it was shit. Those card details will have expired at this point though.

These things happen and will continue to happen. Wonder when they'll inform us that it happened (if it happened), they only have 72 hours to report to data protection regulators in EU and should inform everyone that has an account with them.

Obviously, if you haven't already, change your password and enable 2FA.
 
Last edited:

Magic Carpet

Gold Member
Just signed in and they sent me a 2FA code through email. Email 2FA seems to be the only way to combat the Sim Swap hack I keep reading about. I've asked my banks to send email codes but nope they will only do it through text.
 

Nvzman

Member
Wow, talk about “the world revolves around me and only me, I can do no wrong, and I’m the only one on Earth who is always right…everyone else is stupid” personality disorder.
Yea I actually like Fortnite, I don't like the Epic Games Launcher but Fortnite is probably the ONLY F2P GAAS to do it right. Constant free content updates, actually cool and funny skins, good gameplay, lots of variety and social content, etc.
It has a pretty wide appeal too, as much as it gets derided for its appeal to kids there's plenty of shit for boomers too, like the various UT references and skins for things like Predator, Alien, Evil Dead, etc.
Most of the hate around Fortnite comes from its stigma, on its own merits its a pretty solid, fun shooter.

Hope that this ransomware attack gets formally discussed by Epic soon so we know the full scale, usually breaches like these have to be reported.
 
Last edited:

StreetsofBeige

Gold Member
For all store sites just don’t have your credit card info saved. Problem solved. Who cares if you got to manually type in your payment info anytime. It’s not like your buying something every day on an e-store.
 
Top Bottom