Stolen employee credentials put leading gaming firms at risk

Stolen employee credentials put leading gaming firms at risk

It’s hardly fun and games for top gaming companies and their customers as half a million employee credentials turn up for sale on the dark web



More than 500,000 login credentials linked to the employees of 25 leading game publishers have been found for sale on dark web bazaars, according to a report by threat intelligence company KELA. Threat actors have been increasingly targeting the gaming industry, including by harvesting and selling access credentials into the internal systems of top-tier game companies.


The firm found almost 1 million compromised accounts belonging to gaming clients and employees of major gaming companies, with half of them ending up for sale on the dark web over the past year. The criminals’ increased interest in the gaming industry could partly be chalked up to some effects of the COVID-19 pandemic, which has forced most people inside and online for their social activities, including for online gaming. With revenues estimated to reach almost US$200 billion by 2022, it’s no wonder the gaming industry has become a target for cybercriminals.


KELA has been tracking activities on the internet’s seedy underbelly for over two-and-a-half years and found compromised accounts that could provide access to the internal systems of almost every major gaming company. The accounts in question would grant entry to project management software, admin panels, virtual private networks (VPNs), and development-related environments, among others. Threat actors could wreak all manner of havoc, ranging from stealing company secrets, intellectual property and customer data to deploying ransomware on the company’s machines, which could lead to monetary and reputational damage.


Indeed, over the past few months, said KELA, criminals have been observed seeking access into the networks of a number of g ..

Support the originator by clicking the read the rest link below.