With ESports becoming bigger and bigger business, it’s also becoming a bigger and bigger target.
ESports Entertainment Association (ESEA) is one of the world’s biggest competitive video gaming communities, with a database of over 1.5 million players worldwide. With so many players, a large number of these had monetary value attached to accounts for in-game purchases.
Unfortunately, ESEA were hacked at the end of December 2016. As a result, the database containing 1.5 million player profiles became compromised.
The hacker(s) demanded a (rather hefty) ransom payment for keeping the hack quiet; however, ESEA did not give into the demands.
They made a public announcement regarding the compromised accounts, and urged users to change passwords. The organisation themselves also took to resetting passwords, multi-factor authentication settings and security questions.
Mark James, ESET IT Security Specialist, discusses why gaming accounts would be targeted, and how to stay safe online post-breach.
“Gaming entities and online profiles can be worth “real life” money, and not to mention in some games the ability to sell in-game items for actual money can reap large payloads for some unscrupulous individuals.
“Gaining access to those accounts can be achieved by many ways; using malware to harvest login credentials or phishing scams to either trick the user into entering their details to “keep their account safe” or trying to validate a scam email by including something they can relate too.
“The details leaked from this breach could enable someone to do just that: the leaked records included the usual personal information - registration date, city, state (or province), username, email address, date of birth etc.
“It’s the Steam ID, Xbox ID, and PSN ID that are more likely to be used for further scams. Always be extra vigilante of any emails or even calls you receive that want you to validate your login or any other personal information, check your financial statements and of course change any affected passwords from this breach.”
Have you ever had a gaming profile or account hacked? Let us know on Twitter@ESETUK
Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.