Cyber Incident Victim: Mango Markets
Date:
Jan 2022
Location:
United States of America
Summary
Malicious actors employed phishing and social engineering tactics to exploit human error within customer support personnel, bypassing two-factor authentication to compromise a limited number of accounts (under 50) on a gaming platform. The organization confirmed unauthorized access was achieved through manipulated account update processes and initiated measures including mandatory retraining for support staff, enhanced verification protocols requiring managerial approval for email changes, and system updates to improve detection of suspicious activity. Efforts to restore affected accounts to legitimate owners are ongoing, with the organization acknowledging security shortcomings and implementing safeguards to reduce future human error risks while apologizing for the incident's impact.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 7 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In early January 2022, EA SPORTS confirmed reports of targeted account takeovers affecting FIFA 22 players. The incident involved malicious actors compromising high-profile accounts through phishing and social engineering tactics. Attackers manipulated EA's customer experience team by exploiting human error to bypass two-factor authentication protections. This method allowed unauthorized access to player accounts, primarily through fraudulent email change requests. EA's investigation revealed that fewer than 50 accounts were compromised through these techniques. The company initiated immediate efforts to identify legitimate account owners and restore access to both accounts and in-game content. Affected players were notified that support teams would contact them directly. EA emphasized that all compromised accounts resulted from sophisticated manipulation of customer service protocols rather than technical vulnerabilities in FIFA 22's systems.
EA responded by implementing administrative and technical safeguards across its account management processes. All customer service advisors received individualized retraining focused on phishing recognition and account security protocols. The company introduced mandatory managerial approval for all email change requests and enhanced its customer experience software to better detect suspicious activity. System updates included improved flagging mechanisms for at-risk accounts and reduced potential for human error during account updates. These changes were expected to increase customer support wait times due to additional verification steps. EA publicly apologized for communication delays during their investigation, which prevented earlier disclosure of details. The ongoing investigation continued to review all suspicious email change requests and compromise reports to identify any additional affected accounts.