E-Sports Network ESEA Hacked, 1.5m Records Compromised After Alleged Failed Extortion Attempt [Video]By Noi Ramirez, UniversityHerald Reporter
E-Sports Entertainment Association (ESEA) got broken into last year with of over 1.5 million ESEA accounts compromised, and hackers were confirmed trying to extort a significant amount of money to remain silent regarding the incident.
According to ESEA, they were made aware on Dec. 27, 2016 of a security breach, citing that theft of user account information appeared to have taken place. Investigations are still going on to determine when the actual breach took place.
LeakedSource, a breach notification service, revealed that 1,503,707 records were added to its database. SiliconRepublic reported that the record included usernames, email addresses, first and last names, dates of birth, phone numbers, Steam IDs, Xbox ID's, PSN IDs and bycrypt hashes. Additionally, registration dates, city, state (or province), last login, zip codes, website URL were also part of those leaked.
Accordingly, players on Reddit confirmed that their information is discoverable in the leaked data. While there is an assurance that those passwords are safe, the other data in the leaked records can be used in the construction of social-based attacks that can include phishing.
According to a LeakedSource spokesperson, the hack was part of a ransom scheme, wherein the ones responsible for the hack reportedly demanded $50,000 in payment to keep silent about breaking into ESEA, as well as allow the organization to quietly fix the security vulnerability. Instead of giving into the demand, ESEA reset passwords as well as applying multi-factor authentication and security questions, Said CSO Online's Steve Ragan (Salted Hash).
Updated reports confirmed in an emailed statement that ESL Gaming was in fact extorted for money by a hacker that demanded $100,000, double that of the initially reported $50,000. Refusing to give in, the company went public with details before the hacker could publish anything.
ESEA reportedly informed their customers as soon as possible about the intrusion. Accordingly, they say they have identified and secured the breach located at the ESEA website, and have been working with legal and security experts. Likewise, they informed users of changing their passwords and being on the lookout for unsolicited communications, asking for personal information and/or review their account for any suspicious activity.
As ESEA worked in securing their systems, the hacker reportedly kept making demands. On Jan 7, the company discovered that the hacker was also able to exfiltrate intellectual property from their compromised servers. A full timeline of the events can be viewed by clicking here.