EA Confirms Its Firemonkeys Forum Was Hacked One Year Ago

Electronics Arts (EA) confirmed that the forum page of its subsidiary, Australian game developer Firemonkeys Studio was hacked on Sept. 9, 2013, IGN reported.

After the company detected the cyber attack on the "Real Racing 3" game developer, it deactivated the forums and servers to prevent further security breaches.

"EA Firemonkeys became aware of a cyber attack on a stand-alone Firemonkeys forum in September 2013," a representative from EA said. "Firemonkeys took immediate action by shutting down the forums and taking the server in question offline to prevent potential misuse."

According to the spokesperson, an investigation on the incident revealed that personal information of a number of forum users and customers were stolen during the attack.

Fortunately, the company noted that it did not found any evidence pointing to the theft of sensitive details such as passwords and payment information, according to Game Spot.

"An investigation determined that a small number of customer email addresses were potentially obtained," the spokesperson said.  

"But revealed no evidence of other information being accessed including passwords, names, security questions, payment information or any other sensitive data that could permit access to an online account," the representative added.

However, an insider who claims to have knowledge about the incident and the investigation revealed that along with email addresses, users' names and dates of birth were also stolen. These details were then downloaded by other people.

The source alleged that an individual or group that goes by the name Sh4d0w_h4x0r was the one who hacked Firemonkeys' forum page.

The representative from the company mentioned that the forum was the only target of the attack. EA's other databases and online accounts were not compromised during the incident, Console Tuner reported.

"To be clear, no EA systems or databases were affected outside of the singular Firemonkeys forum, Firemonkeys took swift and appropriate action under the circumstances to address the issue," the spokesperson said.

Reports about the attack on Firemonkeys only recently surfaced because Australia's data breach notification laws don't require companies to inform government agencies or media outlets regarding such incidents.