After initial restraint EA has spoken out in more detail about the hacks in FIFA 22 Ultimate Team (FUT), explanations and consequences have been communicated.
For weeks there had been some resentment within the FIFA 22 community: The fans had the feeling that EA SPORTS would not take the hacking attacks on high-profile FUT accounts of content creators like ‘Trymacs’ seriously enough – a meagre statement had not exactly built up trust.
The developer responded on Tuesday by publishing a Pitch Notes article on the issue, providing findings and actions. According to the article, the hacks resulted from “human error,” according to EA.
“Through threats and other social engineering methods, fraudsters have been able to exploit human error within our Customer Experience team, bypass two-factor authentication, and gain access to other players’ accounts,” EA wrote in a public statement.
Error in Customer Experience Team
According to the video game company, employees were threatened, among other things, to bypass two-factor authentication and gain access to accounts. According to current knowledge, fewer than 50 accounts were affected. The rightful owners are currently being identified in order to restore their access and content.
The affected players are expected to receive a response shortly and will be informed about the further course of action, but the investigations are continuing in the meantime. Which is not to say that no action has yet been decided: EA SPORTS says it is aware that “there is room for improvement. “
Training and additional verification steps
Since the recent security breaches are based on human behaviour, appropriate consequences will also be drawn. All advisors and persons supporting account services are to receive individual and team training – the focus would be on security practices and the aforementioned phishing techniques.
Furthermore, additional steps will be added to the verification process, such as “mandatory manager approval for any email change requests”. Finally, the customer experience software will be revised to better detect suspicious activities in the future.
First public apologies
These measures are intended to reduce the potential for human error in account updates, but they could also lead to longer wait times as part of the customer experience, according to EA SPORTS. The publisher also issued its first apology to any players who had been inconvenienced and for the thin initial statement.
Should the additional security practices provide progress, there are certainly many FUT players to appease. EA SPORTS is convincing in the wake of the Pitch Notes article by admitting its own mistakes and being appropriately transparent. Without corresponding improvement, however, all promises and apologies would be rather worthless – EA must continue to act.
