A KickAss hacking group member (not the Torrent group) who goes by Leakbook claims to have the full FIFA 21 source code, which they have listed for sale on a popular hacking forum. In addition to the FIFA 21 source code they also claim to have access to the matchmaking servers, Frostbite source code, private API keys, and other development tools. Leakbook directs users to the KickAss hacking group website for the sale.
The KickAss group went down in January 2019 after it received media attention due to an extortion attempt. A user claimed to have legal documentation associated with the 9/11 terrorist attacks. Almost two years later in Dec 2020 it came back online. We don’t recommend visiting this hidden site.
Contrary to what other news outlets have reported, we found Leakbook has given some examples of the exfiltrated material. It looks like real source code and company files, but we have no way of knowing if the code in the example came from FIFA 21.
Entertainment Arts (EA), the publisher of FIFA, confirmed the breach to Motherboard. “We are investigating a recent incident of intrusion into our network where a limited amount of game source code and related tools were stolen,” It doesn’t appear that the breach contains any private user data. The list of breach contents from Leakbook also doesn’t mention any user data and EA claimed that no user data was lost.
The recent breach from CD Projekt Red and now this breach doesn’t appear to come from game hackers who pirate the game and distribute it through P2P networks. These groups come from a background of breaching networks and exfiltrating data. These game publishers tend to lack security best practices and hold high value targets for the average person interested in breaching cyber security. If you have valuable data, ensure you have properly protected it behind a Firewall and monitor access to it.