Re: very bad EA customer security
by E9ine_ACOriginal Post
very bad EA customer security
Accepted Solution
Re: very bad EA customer security
As a cloud and cybersecurity student, I can say it's pretty hard to hack a modern mobile phone, when it's 5 years old it's just game over, and even loading an image will get you hacked easily. but no hacker is going to do that much effort to only hack your EA account or any other, then it is a targeted attack. I can pretty much confirm it's all phishing now and unsafe practices no targeted hacks.
- Use a password manager (recommend Dashlane)
- When you register just enable 2FA then, which saves you a lot of time.
- Don't click any links in your mail, once they get you, you are on a list and your information is sold, you will receive a lot more scam and phishing emails.
- If you get a lot of junk emails, switch email
Edit:
I also don't think it's a data breach, one EA should have communicated that they've had now and know when that happened because that player information is possibly worth billions.
And as the law requires they have to inform their customers, the hackers also have to decode the hashes when salted is a pain to do taking a lot of time.
What's also possible but unlikely is a security issue in linking the EA account to the steam account where a man in de middle attack is possible but don't think that is the case.
It would be also pretty difficult to do that.
Thank you for coming to my TED talk.
My name was zeel and remember to keep your account secure
All Replies
@NirXFIt is not the companies fault users do not take 30 seconds of their time to secure the accounts. There are many methods they offer to ensure you would not have this happen. Does this make it the companies fault or the user who owned the account?
Everything you mention can be diverted simply by setting up this security. Long story short. Don't blame someone else for another's mistakes.
Allow me to walk you through this. In order to gain someones, origin and or steam account information means they took measures outside of those 2 clients and compromised themself. You dont magically guess someones login information and password there was more to this then even you understand or your friend. A simple link click can gain access to every single thing on your pc from your bank info to accounts infos. So they most likely could of gained access to the email itself. This is no fault to either side of the clients side of things.
@NirXFAnd the American pentagon has some the most secured servers in the world. Yet its compromised. Yet every military agency in america was compromised. So it does not matter what they do for a living no one is safe.
I highly doubt 2 step was active as it would of sent a text to the phone asking is this you logging in? Once you click no boom they cant log in. It also prompts instantly for a password change. So no sir im not in a cave or something.
I been doing Cyber Security work as well as programming for over 20 years now. Even im not safe.
https://help.ea.com/en-us/help/account/ea-login-verification-information/
