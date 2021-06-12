Cyberattack roundup: EA source code stolen, McDonald's data exposed
- Last week, Electronic Arts (NASDAQ:EA) was hacked and the attackers stole about 760 GB of data, which included game source code and debug tools. The company was quick to clarify that it wasn't a ransomware attack and the company doesn't expect any impact to its game or business.
- The threat actors told BleepingComputer that the stolen data includes "the full FIFA source, EA game clients, and points used as in-game currency." The latter has been used by cybercriminals as a money laundering method.
- The EA attackers say they have access to all of EA's services and are offering up the stolen data to those willing to pay $28M. See the full list of claimed stolen data here.
- McDonald's (NYSE:MCD) confirmed a data breach that exposed a small amount of customer data in Korean and Taiwan. The data included names, addresses, phone numbers, and email addresses but no payment information.
- The fast food giant says it quickly responded to close off access and will work on bolstering its cybersecurity.
- Truck and military vehicle company Navistar (NASDAQ:NAVI) revealed discovering a cybersecurity incident on May 20. An investigation revealed that unknown attackers extracted data from the company's networks. Navistar didn't specify the type of data or specify whether it was a ransomware attack, though the structure and reaction suggest this was the case.
- Navistar is continuing to put countermeasures in place and is working with law enforcement, but says that its operations are not impacted by the breach.
- Recent ransomware target JBS Foods revealed it paid an $11M ransom to the attackers behind the breach of its servers in the U.S. and Australia. Sources have attributed the attack to Russia-linked cybercriminal group REvil.
- The JBS ransom payment followed in the footsteps of Colonial Pipeline's ransom. Earlier this week, the U.S. Department of Justice announced recovering $2.3M of the $4.4M in Bitcoin that Colonial paid to ransomware-as-a-service group DarkSide.
- After the high-profile pipeline attack, DarkSide claimed to be retreating after an outside party cleared out a cryptocurrency account used to pay its affiliates.