EA Sports is the latest company to suffer from a data leak. Players of the game FIFA 20 have had their information compromised.
FIFA 20, a recently launched title from EA, has had its share of controversy. In the lead up to the launch, the game became one of a handful of games that earned scorn from players for containing the notorious loot boxes system.
Now, however, it seems that the game is becoming controversial for something completely different. Reports are surfacing that the game has suffered from a data leak on top of it all. From Forbes:
EA Sports has closed down the FIFA 20 Global Series competition registration process following a data leak incident that involved those trying to register being presented with the personal information of players who had already registered.
The information that was leaked included username, email address, country of residence and date of birth. A brief statement was made by EA Sports via Twitter more than four hours after the FIFA 20 registration process opened. “We take these matters seriously, and we immediately took down the page while we investigate the matter,” it said, “We’ll share updates as soon as possible.”
That update from EA Sports came the following day. This states that shortly after the registration portal page for the FIFA Global Series was announced at 1 p.m. (BST) on October 3, it learned some players trying to register were seeing information relating to those already signed up. “We immediately took action to shut down the site by 1.30 p.m.” the statement reads, “We were able to root cause the issue and implement a fix to be clear that information is protected.” EA Sports said that it is confident that players will not be impacted by the same issue going forward.
EA Sports has said that it determined some 1,600 FIFA 20 players were potentially affected by the data leak and is taking “steps to contact those competitors with more details and protect their EA accounts.”
What’s surprising is that technical mistakes like this can still happen. You’d think that, by now, with decades worth of online registration systems being developed, such technology would be perfected to the point that mistakes like this just doesn’t happen. At the very least, one would think that the system would be thoroughly tested to spot such issues in the first place.
Unfortunately, this technical oversight was not caught prior to launch. Now, players are suffering the consequences.
Of course, the question is whether or not regulators will step in and demand answers as to what happened. Some are, of course, looking to Europe where the GDPR privacy laws are in force. If the incident isn’t properly reported to regulators, companies can face a fine that measures in a percentage of annual turnover.
Another angle to look at this is the fact that history is full of examples where companies claim the data leak is small. In reality, the affected numbers seemingly skyrocket as drips of revelations start seeping out in the weeks after the initial report.
EA, for it’s part, is no doubt hoping that this particular blunder will end on this note, though. After all, almost everyone knows how damaging a leak or breach can be to a company in the first place.
Drew Wilson on Twitter: @icecube85 and Facebook.