More than 500,000 Activision accounts may have compromised as a result of a data breach suffered by the gaming firm on September 20, reported the eSports site Dexerto.
According to Dexerto, the login for Activision accounts been publicly leaked and threat actors also changed accounts’ details to prevent easy recovery by the legitimate owners. Most of the Activision accounts are also used by players of the popular game Call of Duty titles, including Warzone, Modern Warfare, and Mobile.
“All Call of Duty players should be on notice after a major Activision hack has left millions of accounts in limbo.” reads the post published by Dexerto.
“As of the time of publishing, over 500,000 Activision accounts have reportedly been hacked, with log-ins being leaked publicly. Hackers are then changing the account details, making it so the original owners can’t recover them.”
The data breach was first reported by ‘oRemyy’ on Twitter and later confirmed by other content creators, like TheGamingRevolution and Prototype Warehouse.
TheGamingRevolution account revealed that the threat actors behind the hack are reportedly “generating 1,000 accounts every 10 minutes.”
At the time it is not clear how hackers breached the accounts, the security breach could be the result of a credential stuffing attack.
Players are recommended to change their account passwords as soon as possible.
“You should also unlink your Battlenet, PSN, Xbox, or other accounts associated with your Activision account to protect those as well. If you have saved payment details on hand too, you’ll want to try and remove those too.” concludes Dexerto. “Unfortunately, Activision accounts do not have two-factor authentication on them. You’ll just have to keep an eye on your account for any major changes, and just cross your fingers.”
(SecurityAffairs – hacking, data breach)