Video game publisher admits support service was hacked
US video game publisher 2K has warned gamers of its titles not to click on links sent recently by its support service because they are likely to be malicious.
The company, which is a subsidiary of Take-Two Interactive, released a brief statement on Twitter overnight.
“Earlier today, we learned that an unauthorized third party had illegally accessed the credentials of one of our vendors on the support platform that 2K uses to provide support to our customers” , the read message.
“The unauthorized party sent a communication to some players containing a malicious link. Please do not open any emails or click any links you receive from the 2K Games support account.
The firm urged any user who has ever clicked on one of these malicious links to:
- Reset account passwords stored in their browser
- Enable multi-factor authentication (MFA) on all sensitive accounts such as email and online banking, preferably through an authenticator app rather than SMS
- Install and run an antivirus from a reputable vendor
- Check account settings to see if any forwarding rules have been added on email accounts
2K Games’ support function is now offline while the company investigates, and will remain so until the company makes an announcement to the contrary.
The malware in question is said to be designed to steal information from victims, including their passwords.
The incident comes just days after an alleged member of the infamous Lapsus$ extortion group compromised sister company Rockstar Games, stealing and releasing in-development footage of Grand Theft Auto 6.
It has also been suggested that the same actor may have been responsible for Uber’s recent breach which compromised the ride-sharing giant’s computer systems.
A 2K Games customer responded angrily to the new post, saying he told the company about the compromise 10 hours before it finally notified all users.