EA apologises for FIFA account takeovers and says it’s improving security

videogameschronicle.com:

Electronic Arts has confirmed a recent spate of FIFA account takeovers.

As previously reported, a number of prominent streamers and FIFA Ultimate Team traders have had their accounts compromised in recent weeks, which have then been emptied of coins and players.

It’s claimed that by simply providing a gamertag or PSN ID associated with an EA account, persistent hackers were able to persuade EA Help live chat advisors to hand over or change email addresses associated with said accounts, and to reset passwords.

Having investigated the issue, EA confirmed on Tuesday that “less than 50” accounts were taken over.

“Utilizing threats and other ‘social engineering’ methods, individuals acting maliciously were able to exploit human error within our customer experience team and bypass two-factor authentication to gain access to other player accounts,” it said.

“We are currently working to identify rightful account owners to restore access to their accounts, and the content within, and players affected should expect a response from our team shortly. Our investigation is ongoing as we thoroughly examine every claim of a suspicious email change request and report of a compromised account.

“There is always a human factor to account security and we know we must do better,” it added, before outlining three measures being taken to beef up security as a result of recent incidents.

All staff who assist with EA Accounts will receive extra training, additional steps to the account ownership verification process will be added, and EA’s customer experience software will be updated with additional security features.

EA said these actions may result in longer customer wait times.

“We’d like to apologize for the inconvenience and frustration that this has