2K Games User Data Stolen After Help Desk Hacked

The American game publisher 2K Games reports that after the September hack of the company’s technical support, some of the user data fell into the hands of hackers. Currently, the attackers are already selling data on the dark web, claiming that the dump contains more than 4 million lines and information about all users who contacted 2K Games support by mail.

Let me also remind you that in mid-September, 2K Games, which is the publisher of many popular game franchises (including NBA 2K, Borderlands, WWE 2K, PGA Tour 2K, Bioshock, Civilization and Xcom), suffered from a hacker attack. Then the compromised support of the company began sending out tickets to players containing links to the RedLine malware, designed to steal information.

The company reported that “an unauthorized third party illegally gained access to the credentials of the service desk platform from one of the vendors.” All users who managed to follow the malicious links of the scammers were advised to urgently reset all account passwords stored in the browser, enable multi-factor authentication, install antivirus software, and check if any strange redirects appeared in the mail.

As it turned out now, these attacks were not limited to just mailing the RedLine stealer. Now 2K Games warns that during the compromise of the support service, hackers managed to steal user data, and phishers have already targeted the victims.

Although the passwords were not stolen, the company still recommends that users change their passwords, as well as enable multi-factor authentication.

The fact that there was no password leak is confirmed by the attackers themselves, who have already put the stolen data up for sale. According to the description of the dump, which is published on the hacker forum, it contains 4 million lines and is “2K Games support database, which includes ID, username, email address, zendesk_email, real_name, platform information.”