As one of the biggest companies in the industry, Epic Games has been targeted by cyber attacks plenty of times over the years.
Recently, a group known as ‘Mogilevich’ claimed to have infiltrated Epic Games’ servers, stealing almost 200GB of data. The group claims this data includes emails, passwords, payment information, source code and other data, mostly pertaining to Epic’s biggest game, Fortnite.
Lawrence Abrams of Bleeping Computer has been in contact with the group and was told that proof of the breach will only be shown to someone willing to pay $15,000 for the data, and that person must also be able to provide proof of funds. Abrams, an expert in the cyber security field, says the breach “doesn’t feel real” based on the group’s actions thus far.
Epic Games has also responded to the cyber attack claims, stating that the company is “investigating” but has found “zero evidence that these claims are legitimate” so far.
The group claiming to have conducted the attack have also not contacted Epic Games directly, an odd approach for a group looking to ransom off data.
The group responsible has set a March 4th deadline for selling the data but did not threaten to leak it should that deadline not be met. In all, there are some rather big inconsistencies here compared to legitimate cyberattacks we’ve seen in recent years. Typically, these groups would also auction off the stolen data in a bidding war, so the $15,000 flat rate also comes across as odd.
Considering that March 4th deadline is just at the other side of the weekend, there should be an update on this story early next week.