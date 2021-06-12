Cyberattack roundup: EA source code stolen, McDonald's data exposed

Jun. 12, 2021 11:00 AM ETNAVI, MCD, EABy: Brandy Betz, SA News Editor22 Comments

Digital security concept
MF3d/E+ via Getty Images

  • Last week, Electronic Arts (NASDAQ:EA) was hacked and the attackers stole about 760 GB of data, which included game source code and debug tools. The company was quick to clarify that it wasn't a ransomware attack and the company doesn't expect any impact to its game or business.
  • The threat actors told BleepingComputer that the stolen data includes "the full FIFA source, EA game clients, and points used as in-game currency." The latter has been used by cybercriminals as a money laundering method.
  • The EA attackers say they have access to all of EA's services and are offering up the stolen data to those willing to pay $28M. See the full list of claimed stolen data here.
  • McDonald's (NYSE:MCD) confirmed a data breach that exposed a small amount of customer data in Korean and Taiwan. The data included names, addresses, phone numbers, and email addresses but no payment information.
  • The fast food giant says it quickly responded to close off access and will work on bolstering its cybersecurity.
  • Truck and military vehicle company Navistar (NASDAQ:NAVI) revealed discovering a cybersecurity incident on May 20. An investigation revealed that unknown attackers extracted data from the company's networks. Navistar didn't specify the type of data or specify whether it was a ransomware attack, though the structure and reaction suggest this was the case.
  • Navistar is continuing to put countermeasures in place and is working with law enforcement, but says that its operations are not impacted by the breach.
  • Recent ransomware target JBS Foods revealed it paid an $11M ransom to the attackers behind the breach of its servers in the U.S. and Australia. Sources have attributed the attack to Russia-linked cybercriminal group REvil.
  • The JBS ransom payment followed in the footsteps of Colonial Pipeline's ransom. Earlier this week, the U.S. Department of Justice announced recovering $2.3M of the $4.4M in Bitcoin that Colonial paid to ransomware-as-a-service group DarkSide.
  • After the high-profile pipeline attack, DarkSide claimed to be retreating after an outside party cleared out a cryptocurrency account used to pay its affiliates.
To ensure this doesn’t happen in the future, please enable Javascript and cookies in your browser.
Is this happening to you frequently? Please report it on our feedback forum.
If you have an ad-blocker enabled you may be blocked from proceeding. Please disable your ad-blocker and refresh.