Latest in Gaming

Image credit:

EA patched Origin security flaws that put millions of users at risk

Check Point Research and CyberInt warned EA of the vulnerabilities in its Origin platform.
Share
Tweet
Share

Sponsored Links

sezer66 via Getty Images

EA patched flaws in its Origin platform that could have enabled hackers to hijack and exploit millions of users' accounts. The vulnerabilities were spotted by Check Point Research and CyberInt, and once exploited, they could have allowed player account takeover and identity theft. The cybersecurity companies alerted EA, which was quick to take action.

The vulnerabilities took advantage of abandoned subdomains, EA Games' use of authentication tokens and single sign-on and TRUST mechanisms built into the user login process. Had an attack been carried out, it could have been devastating, given that EA is the world's second largest gaming company and millions of user accounts would have been at risk.

The vulnerabilities are a reminder of how susceptible online and cloud platforms are to breaches. "These platforms are being increasingly targeted by hackers because of [the] huge amounts of sensitive customer data they hold," said Check Point's Oded Vanunu. Check Point and CyberInt advise gamers to enable two-factor authentication and only use official websites to download or purchase games. The companies also caution that parents should warn children about the threat of online fraud.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

Apple shuffles hardware execs to make room for a mysterious new project

Apple shuffles hardware execs to make room for a mysterious new project

View
‘Cyberpunk 2077’ update introduced a game-breaking bug | Engadget

‘Cyberpunk 2077’ update introduced a game-breaking bug | Engadget

View
A personal trainer app guilt-tripped me into exercising (and it worked)

A personal trainer app guilt-tripped me into exercising (and it worked)

View
Wacom's pen tablet for students now works with Chromebooks | Engadget

Wacom's pen tablet for students now works with Chromebooks | Engadget

View
Google reveals North Korean-backed campaign targeting security researchers

Google reveals North Korean-backed campaign targeting security researchers

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr