Popular game “Fortnite” is the next major business to be on the user security chopping block: the popular video game revealed that a security flaw may have put the game’s 80 million accounts in jeopardy.
A flaw in password security enabled hackers to log into an undisclosed number of user accounts. The criminals were able to take over accounts, view sensitive information like payment details for V-Bucks, buy items in-game, and even listen in on user conversations in real time.
The hacker would be able to gain access through a user’s account via a phishing link sent to the user’s email. The link was made to look like it came from the game’s developer, Epic Games. Once the link was followed, hackers got access to the user’s account without the need for a password or other verification.
According to reports, this security flaw was discovered by cybersecurity firm Checkpoint Software Technologies back in November. As of Jan. 16, the flaw in security was fixed.
Now, Epic Games has requested account users change their passwords for added protection despite the fact that the hack didn’t rely on password information in the first place. Regardless, the attack revealed three vulnerabilities in the game’s web infrastructure.
After such a large security flaw like this, Epic Games and “Fortnite” cover all their bases when it comes to cybersecurity. It’s estimated that 40% of consumers will stop doing business with a company if the business has experienced a security breach.
“We were made aware of the vulnerabilities and they were soon addressed,” a spokesperson for Epic Games announced. “We thank Check Point for bringing this to our attention. As always, we encourage players to protect their accounts by not re-using passwords and using strong passwords, and not sharing account information with others.”
As cloud-based software becomes increasingly common, hackers have had a field day breaking into the storage spaces. This is primarily because cloud systems store a variety of valuable information pertaining to a user’s account. Check Point notes that a two-factor authentication system can help mitigate this problem.