Electronic Arts claims the hack that resulted in someone posting 600 user credentials on the website Pastebin wasn't a hack at all. Gamers are encouraged to change their passwords, to be safe, but the video game developer said Monday there's been no evidence a breach occurred.
“We found no indication at this point of a breach in our Origin account database,” EA said in a statement to the Register. “We encourage our players to use Origin user ID and passwords that are unique to their account, and to report any activity they feel may be unaurthorized to EA customer support at help.ea.com.”
It's possible many of the account credentials posted are outdated, or that they were first leaked as part of a previous, unrelated breach on another compamy. Would-be hackers frequently use Pastebin and similar sites, like GitHub, to recombine existing data to boost their own reputation.
Reports that EA was hacked first surfaced Thursday, when emails, passwords, game listings and what appeared to be birthday information belonging to roughly 600 customers were posted online. At least one gamer verified to media outlets that his credentials were accurate.
“Once I'd taken a look at the dump it seems linked to my EA account – a full list of my games appears to be there, along with the email address on the account and password,” said the gamer, as quoted by CSO Online.
Pastebin is primarily used by Web developers as a place to share and review source code in development. The open nature of the site has helped make it popular with hacking groups, including Anonymous and the group that breached Sony Pictures.