A hacker accessed 2K Games’ help desk and sent malware to gamers

22 Sep 2022

Image: © sdx15/Stock.adobe.com

2K Games and Rockstar Games, which are both owned by Take-Two Interactive, were impacted by cybersecurity incidents this week.

The gaming industry has taken another hit this week as 2K Games confirmed that its support desk was hacked.

A hacker managed to access the company’s help desk platform and used it to send emails containing malware to players.

The US video game publisher confirmed the cyberattack on its support account on Twitter. 2K Games said an “unauthorised third party” got in by accessing the credentials of one of its vendors.

2K Games said anyone who clicked on the malicious link from these emails should immediately reset any passwords stored in their web browser.

“Please note that 2K personnel will never ask you for your password or other personal information,” the company said. “We deeply apologise for any inconvenience and disruption that this matter may cause.”

The disclosure came one day after game developer Rockstar Games confirmed that it suffered “a network intrusion”. This led to video leaks of early development versions of Grand Theft Auto 6, the upcoming instalment in Rockstar’s flagship game series.

In its statement on the matter, Rockstar Games said that “an unauthorised third party” had illegally accessed and downloaded “confidential information” from its systems.

Both Rockstar and 2K Games are owned by Take-Two Interactive, making it a damaging week for the parent company. Take-Two declined to comment to Reuters on whether the two cyberattacks are related.

2K Games said its support portal will remain offline while the incident is addressed, and it will notify users when they can resume interacting with 2K help desk emails.

The hacker behind the Rockstar Games data breach also claimed responsibility for the Uber hack that occurred last week. This link has not been confirmed, however.

The “cybersecurity incident” at Uber was reported to be the result of a phishing attack, and the company was forced to shut down some of its internal communication and engineering systems. In an update this week, Uber claimed that a hacker linked to the Lapsus$ cybercrime gang was responsible for the attack.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Leigh Mc Gowran is a journalist with Silicon Republic

editorial@siliconrepublic.com