An unknown hacker recently compromised the security of 2k. On September 20, 2K disclosed that their help desk platform had been compromised. The attackers used it to target users with fraudulent support tickets that distributed Redline Stealer malware via embedded links. Customers’ personal information was allegedly stolen due to a security breach by an unidentified third party and posted online for sale.
According to 2k, this breach happened when a third party illegally accessed the vendor login information, which it subsequently used to infiltrate one of the customer support systems used by the company.
A third party gained access to confidential customer information and sent harmful links that might jeopardize data saved on customers’ devices. It stated that the malicious link emailed to some players contained malware that might compromise passwords and other data stored on their devices.
At the end of September, 2K disclosed that the security of its customer support service had been breached and alerted its users to update their passwords to help protect their data. To investigate further into the breach and deal with the repercussions of the attack, the gaming company shut down its support portal and tweeted an apology for any disruption.
The company reached out to every customer whose information was stolen and put up for sale. Among the stolen data were email addresses, help desk identification numbers, player tags, and console information.
“Further investigation revealed that some of the personal information we keep on you when you contact us for support—including your name provided when contacting us, email address, helpdesk identification number, Gamertag, and console information—had been accessed and copied by an unauthorized third party,” 2k said.
The company contacted every user to inform them that no financial information had been compromised, but the company still urged them to update and change their passwords for extra security.
The business stated, “However, out of an abundance of caution, we recommend all of our gamers to secure their accounts by resetting passwords and, if they haven’t already, enabling multi-factor authentication.”
This is not the first time that 2K or one of its associate companies has been the victim of a cyber attack. Another hack occurred last month on Rockstar Games, owned by Take-Two, the parent company of 2K.
The company claims that the customer service support portal for 2K is now operational and secure to use.
What should you do if your data was stolen?
If you are among one of those users whose data got stolen, or you opened the link you received in the email, try following these steps:
- Any passwords that are saved in your web browser need to be reset.
- Any account that allows it, including email, banking, and social media, enables multi-factor authentication.
- Trusted antivirus software should be installed and run.
