Electronic Arts fell victim to a website hack using a phishing scheme designed to steal Apple IDs and credit card information. An EA server was used to steal personal information from Apple ID users. Any victim that recognizes the phishing website reported should quickly advise Apple and change all personal account information immediately.
It is believed a possible vulnerability in the calendar application enabled an intrusion to happen on one of the servers. The news was reported last Wednesday by researchers from U.K. security company Netcraft.
This legitimate looking site was actually a fake phishing scam, tricking victims into submitting their Apple logins. A second form presented itself next, requesting a long range of personal information such as name, credit card information, date of birth, telephone number, mother’s maiden name and other details to certainly be used for identity theft. Looking very official and directly from EA sites, it is possible that the attackers we’re able to make out with thousands of Apple IDs and more.
Netcraft quickly reported the breach to EA and the attackers were taken down. The phishing sites w’re hosted on the EA server that had been breached by the attackers. These types of attacks put users at risk into trusting the website’s request. Although such an extensive list of personal details should raise red flags for internet geeks, but the general public is left uninformed for the most part and are not to blame.
EA has been hit with DDOS attacks earlier this year and many times in the past year as well. The issue was serious and impeded server capacity and functionality. The scale of the attacks has not been made public and Electronic Arts preferred not to comment on allegations that their servers had also been infected with malware and participating in DDOS attacks as well.
More often, we are seeing how one compromised company’s infrastructure leads to stealing access to another larger company’s database in more ways than ever, such as the Target breach earlier this year. This specific event is still very rare, but is an example of how out of the box thinking will lead for new ways that cybercriminals can use to make a profit.
For now, all we can do is be extra vigilant. It’s unfortunate that the average user literally has to become a bit of a paranoid freak when browsing online. The general rule of thumb is to not provide any personal information when not necessary and be extremely wary of requests being done for your info where they should not be. Keep an antivirus if you’re the internet browsing type that likes to open several tabs at once while going around the web.
VPN is a very important added layer of security. Protecting your identity online at all times, keeping you safe from stealthy privacy breaches and allowing you the benefit of safe unrestricted browsing in the comfort of your own home and business giving you peace of mind. Check out our VPN reviews for more information, for quick reference, you can find our articles for free, cheap and top pick VPNs in those links.