New details have come to light about the recent data breach suffered by EA (opens in new tab) and the video game maker allegedly ignored warnings from security researchers that could have prevented hackers from gaining access to its systems.
Earlier this month it was revealed that EA fell victim to a data breach in which hackers were able to gain access to its corporate network and steal 780GB of source code, SDKs and other proprietary tools.
Now the Israeli cybersecurity firm Cyberpion has revealed to ZDNet that it reached out to EA last year to inform the company that several of its domains (opens in new tab) could be subject to takeovers while others contained misconfigured DNS records.
- We've compiled a list of the best antivirus (opens in new tab) software available
- These are the best ransomware protection (opens in new tab) solutions on the market
- Also check out our roundup of the best endpoint protection (opens in new tab)
According to Cyberpion co-founder Ori Engelberg who spoke with the news outlet, EA did nothing to address the issues the firm had discovered even after it sent over a detailed document containing more information on the vulnerabilities along with a proof of concept.
A report published by Motherboard days after the data breach came to light revealed that the hackers responsible used stolen cookies and Slack (opens in new tab) to trick one of EA's employees to provide a login to its corporate network.
However, before EA was even breached, Engelberg and his team reportedly tried to warn the company that at least six (now 10 according to Engelberg) vulnerabilities left multiple domains and other assets exposed online. While 15 EA sites served login pages over HTTP as opposed to HTTPS (opens in new tab) which is more secure, others contained DNS (opens in new tab) misconfigurations that made them vulnerable.
While speaking with ZDNet, Engelberg recommended that large organizations like EA should decommission unused subdomains and keep their certificates up to date in order to protect their networks from similar attacks.
As Cyberpion told its side of the story to ZDNet, so too did EA with a company spokesperson saying the cybersecurity firm approached them about being a potential vendor. However, according to the spokesperson, Cyberpion did not provide EA with a full list of vulnerabilities and was more concerned about arranging a sales meeting to “show of their techniques”. At the same time, the firm did not follow EA's product security vulnerability disclosure (opens in new tab) process.
- We've also highlighted the best data loss prevention services (opens in new tab)
Via ZDNet (opens in new tab)