GTA Writer Take-Two’s Dangerous Week Will get Worse With Catastrophe Hack

A bearded basketballer shrugs and looks most perturbed.

Screenshot: 2K / Kotaku

Take-Two is certainly not having a superb time of it. Following the weekend’s colossal leak of GTA VI, its septimana horribilis continues with the contemporary information that its 2K Video games help companies have been hacked, and clients are actually being despatched out phishing scams.

Posting to the official 2K Assist Twitter account, 2K defined that its assist desk platform had been hacked, and the invader made off with a complete bunch of buyer emails. It says it “grew to become conscious that an unauthorized third occasion illegally accessed the credentials of one in all our distributors to the assistance desk platform that 2K makes use of to supply help to our clients.”

The tweeted assertion continues, “The unauthorized occasion despatched a communication to sure gamers containing a malicious hyperlink. Please don’t open any emails or click on on any hyperlinks that you just obtain from the 2K Video games help account.(Their emphasis.)

2K Support's warning statement about an email phishing scam, in white text on a blue background.

Graphic: 2K Assist

It is a fairly disastrous affair for 2K. Often when a community intrusion is detected, firms are capable of establish that even when e-mail addresses might have been accessed, they’ll reassure that passwords are salted and hashed, and bank card info was not accessed, and so forth. However right here, the attacker was clearly capable of really use 2K’s methods to contact clients from the official account, and as such bypass any of the standard spam filters or commonsense bullshit detectors an individual might have in place.

2K has taken its “help portal” offline whereas they struggle to determine what the heck occurred, which isn’t an awesome look, particularly within the week of NBA 2K23‘s launch. The assertion says, “We’ll subject a discover when you may resume interacting with official 2K assist desk emails,” which is…not a foolproof methodology. Firstly, it gives the look that there is perhaps a time when a beforehand unread phishing e-mail could be secure to click on on, and secondly, it hardly reaches individuals who’ve acquired the e-mail, who aren’t lucky sufficient to have seen the tweet (or learn the press protection).

In the meantime, these with open tickets are getting informed, on the time of writing, that 2K doesn’t “have estimates on if you’ll obtain a reply,” with the considerably ironic suggestion that they, “keep tuned by way of e-mail.”

Learn Extra: NBA 2K23: The Kotaku Assessment

For those who assume they might have already fallen for the phishing rip-off, 2K recommends that individuals reset all passwords, allow multi-factor authentication (however keep away from textual content message-based verification!), clog up their PCs with anti-virus software program, and “test your account settings to see if any forwarding guidelines have been added or modified in your private e-mail accounts.”

There’s additional trigger for concern if you discover that one buyer acknowledged {that a} doubtless hack had occurred some ten hours earlier than the assertion was launched, however was fobbed off by the official account. The authentic buyer replied nearly 9 hours earlier than the hack was confirmed, saying, “at this level its very clear that you just guys bought hacked on help issues associated.. make an announcement already earlier than the injury is just too massive.”

Many replies to the assertion are from bereft clients, claiming to have misplaced their accounts, or seen cash faraway from their video games. Many extra are from individuals who clicked on the hyperlinks within the emails, however now don’t know in the event that they’ve prompted any hurt to their units or account, and aren’t getting clear solutions.

It appears lots of the phishing emails are signed by “Shikhar A,” and comprise a hyperlink to a .zip file, purporting to be a brand new model of the 2K Launcher. It’s a secure guess to say you don’t need to be downloading that, ought to you’ve gotten acquired such an e-mail.

We reached out to 2K to ask for extra particulars concerning the assault, and to ask why it took so lengthy to ship out the warning, however regardless of the potential usefulness of solutions for his or her clients, we have been briskly informed, “We aren’t commenting past 2K’s social media posts associated to the matter.”


Leave a Comment