In FIFA 22 there have been recent incidents where particularly valuable FUT accounts were taken over by fraudsters, who then emptied them. Now, EA has made a comprehensive statement on the matter.
What happened? Several members of the FIFA community have spoken up in recent weeks, reporting attacks on their accounts.
- Among those affected were content creators and streamers, but also lesser-known names from the top trader lists – players with extremely valuable accounts – have reported incidents. Even “NickRunTheFUTMarket”, a well-known trader in FIFA 22, only tweeted the message “Hacked, Goodnight”. The streamer Trymacs was also hit – twice.
- Apparently, someone logged into the Ultimate Team accounts and emptied them. Highly rated players and large amounts of coins were simply gone.
- The two-factor authentication sometimes didn’t help. There was much criticism of EA’s customer support, where the security measures apparently were not sufficient to fully protect login data.
- You can find an overview of the hacking case in FIFA 22 here.
EA statement on the incidents – measures to improve security
This is what EA says about the incidents: At first, EA only responded with a very brief message stating that they were investigating the cases. Now, however, there is a more comprehensive statement in the Pitch Notes for FIFA 22, which includes an apology and outlines the steps that will be taken to prevent such incidents in the future.
“In recent weeks, we have been made aware that there were attempts to take over the accounts of high-profile players,” says the Pitch Notes. Investigations have confirmed that several accounts “were compromised using phishing techniques,” according to the statement.
Through threats and other social engineering methods, fraudsters were able to exploit human errors within our customer experience team, circumvent two-factor authentication, and gain access to other players’ accounts.
The EA SPORTS FIFA Team in the Pitch Notes (via EA.com)
As it stands, “fewer than 50 accounts” have been taken over using this method. The owners are currently being identified to restore account access and content. At the same time, investigations are continuing according to EA.
“The security of accounts is always also based on human behavior, and we are aware that there is room for improvement,” says the statement. Therefore, three measures will now be implemented to improve account security.
All EA consultants and those supporting EA account services will receive individual retraining and additional team training. The specific focus will be on account security practices and the phishing techniques used in this case.
We will enhance the account ownership verification process with additional steps, such as a mandatory manager approval for any email change requests.
We will revise our customer experience software to better detect suspicious activities, flag threatened accounts, and further minimize the potential for human errors in the account update process.
The EA SPORTS FIFA Team in the Pitch Notes (via EA.com)
These steps may result in longer waiting times if you contact support with relevant inquiries, but they are necessary to ensure the security of the accounts, according to the statement.
What do you think of the statement? Do you consider the steps to be appropriate, or would you have preferred a different solution? Let us know in the comments.
Apart from the hacking incidents, there is currently also talk about the upcoming TOTY event regarding Ultimate Team. This year, the Team of the Year in FIFA 22 is being voted on.
