Sensitive Employee Details of 34,993 EA Workers Leaked

Electronic Arts (EA) is a leading global interactive entertainment software company, known for developing and publishing video games. Established in 1982, EA has produced many popular titles such as FIFA, Madden NFL, and The Sims.

Breach Details

• Date of Incident: July 1, 2024
• Type of Data Compromised:
  • User Records: 34,993 entries (full names, work emails, phone numbers, office locations, working groups)
  • Microsoft Registered Applications: 1,105 entries (URLs, configurations)
  • Groups: 64,243 entries
  • Contacts: 8,073 entries

A recent leak of EA’s employee database surfaced online. This database includes comprehensive information on nearly 35,000 employees, containing sensitive details such as contact information and work specifics. The leaked data also includes configurations for over a thousand Microsoft applications and extensive records on various user groups and contacts.

Threat Actor Profile

• Username: rise
• Forum Activity: Low (4 posts, 2 threads)
• Reputation: 30 (as of July 1, 2024)
• Modus Operandi: Initially, a burner account attempted to sell the database but failed. Consequently, the user "rise" chose to publicly leak the information, highlighting that the data was never meant for sale.

Impact Analysis

• Employee Exposure: The leak exposes personal and professional details of 34,993 employees, potentially putting them at risk of phishing attacks, identity theft, and other cybercrimes.
• Operational Risk: The disclosure of internal configurations and group details may compromise EA's internal systems, potentially leading to further exploitation by malicious actors.
• Reputational Damage: Such a significant data breach can harm EA’s reputation, eroding trust among employees, partners, and customers.