News
FIFA 22

Why EA Sports' FUT hacking scandal matters so much

19:00 EAT 12/01/2022
GFX Joao Felix FIFA 22
The company has apologised for accounts being taken over through a security loophole - but the incident is cause for major concern

EA dealt with trust issues with its FIFA Ultimate Team user base even before last week, when people around the world reported their accounts being taken over by strangers and their virtual FUT coins and players stolen.

The company has previously been labelled “predatory” for the way users are incentivised to spend real money on in-game currency - a claim it has strongly denied in statements to GOAL - and the newfound vulnerabilities in the FIFA 22 game mode will bring questions about how it deals with the exploitation of its own fanbase.

Beyond the competitive inconvenience, there are financial repercussions involved. People often spend hundreds of pounds every year on building out their teams - and this is particularly the case for those who stream their content online as they aim to draw an audience with squads made up of rare, expensive cards.

So, this is a big deal to loyal users worried about whether they’re protected, and the video game publisher now needs to be transparent and thorough to make amends. To this point, its response has been slow, with it taking several days to come out with a full explanation of what happened.

“Over the last few weeks we’ve been made aware of reports that high-profile player accounts are being targeted for takeover,” EA wrote in a statement on Tuesday, four days after news of the incident broke.

“Through our initial investigation we can confirm that a number of accounts have been compromised via phishing techniques. Utilizing threats and other ‘social engineering’ methods, individuals acting maliciously were able to exploit human error within our customer experience team and bypass two-factor authentication to gain access to player accounts.

“At this time, we estimate that less than 50 accounts have been taken over using this method. We are currently working to identify rightful account owners to restore access to their accounts, and the content within, and players affected should expect a response from our team shortly. Our investigation is ongoing as we thoroughly examine every claim of a suspicious email change request and report of a compromised account.”

While apologising for being “unable to share additional details in our original communication last week as we conducted a thorough investigation”, EA has finally outlined new account safeguards it will implement, including re-training for customer service representatives, additional account verification measures and updated software.

Hacks, scams and glitches have long been an issue in FUT with bad actors able to take advantage of a collection of players that skews younger.

Oftentimes breaches are incredibly low-tech, making them difficult to stop with technology security measures. This one reportedly came from customer service representatives being convinced to turn over sensitive information to thieves, but there have also long been cases of vulnerable children tricked through console messaging into turning over their private accounts.

EA acknowledged that difficulty in its statement: “There is always a human factor to account security and we know we must do better.”

Questions remain over why, more than 10 years into the existence of FUT, human factors weren’t better addressed before now and why customer service agents were so easily swayed to turn over valuable information. And if this was possible, what else might be exploitable?

Some users, such as card market trader FUT Donkey, said they lost millions in virtual coins in the scandal - equivalent to hundreds if not thousands of real-life pounds.

The fact that public-facing users were attacked should be particularly concerning for EA as it tries to protect its image. After all, streamers have been a major part of building interest in FUT and shaping the narrative around FIFA in general. When the average gamer sees their favourite Twitch or YouTube creator being targeted, it could well erode their own trust in the company.

"[Influencer culture] has obviously driven popularity to the maximum, to the point where now in FIFA 22, influencers and football stars were prioritised in the run-up to the game,” said game reviewer Jordan Oloman to GOAL.

Fortunately for EA, there isn’t a viable football video game alternative currently on the market given the disaster of eFootball 2022 that has seen Konami fall further behind in the publisher rivalry, but the public conversation about FIFA 22 being centered on scandal still hurts.

FUT is the big money-maker for the company’s football division. It would do well to protect that asset and the people who want to participate.

Video games may seem frivolous on the surface, but the issue is most certainly serious given the financial stakes.