FIFA 20 e-sports site leaked data of 1,600 pro players

Electronic Arts managed to shut down the compromised site within 30 minutes, although 1,600 participants' data was already exposed

FIFA 20 Global Championship registration page bugged: 1,600 users' data possibly leaked

On October 3, EA Sports announced a bug that affected the futa website used for the FIFA 20 Global Series Championship registration process.^[1] According to the Twitter post from Electronic Arts, after the launch of the portal 1 PM UK time, the competitors were able to view the personal information of other fellow players due to the bug affecting the site. EA managed to shut down the registration panel after only 30 minutes of opening it, but by that time, around 1,600 people had already been affected.

EA claims that further registrations are no longer impacted by this bug:

We were able to root cause the issue and implement a fix to be clear that information is protected. We're confident that players will not see the same issue going forward.

In the meantime, the company is within the process of notifying the impacted gamers and sending them more details about how to protect their accounts from further compromise. EA apologized for the incident:

Player privacy and security are of the utmost importance to us, and we deeply apologize that our players encountered this issue today.

While it is unlikely that a mass-harvesting of data took place, the ordeal can still negatively impact the affected players' lives.

The registration process is back online, but many players are unhappy about the incident

It is not surprising that many players who trained for the event went on to register for the upcoming e-sports event as soon as possible. Upon starting the process, they were prompted to make sure that entered details are correct. At this point, however, many were greeted with an unexpected situation – they could see the exact details of other users.

“If any of the details below are incorrect, please click “Update EA Account” to fix them before registering,” claimed the notification. However, the fields that ask for Email, ID, Country of Residence, and the Birthday were already filled.

North and Hashtag United manager George Hughes posted a screenshot of a fellow player with blanked out details, calling the issue “a mess.”^[2] In the meantime, a professional FIFA player JREXX also posted a screenshot of evidence that somebody is trying to break into his EA account.^[3] Luckily, the two-factor authentication process prevents unauthorized access – this is another reason to enable it. Without a doubt, many people are very unhappy about this.

As of now, EA has re-opened the registration for the FIFA 20 Global Series,^[4], although many might be reluctant to put in the sensitive information after the recent incident.

Swatting and doxing is a real threat that might put gamers' lives at risk

The video gaming industry is on the rise, and so is the e-sports – the participants compete in series of matches in order to win the first-place prize, which can sometimes reach millions of dollars (Dota 2 prize pool reached $30 million in 2019).^[5] Despite the popular belief, the industry is growing rapidly, and the e-sports scene is being enjoyed by around 456 million people.

The immense popularity managed to create jobs for people and make the hobby into a lucrative business. However, the life of a pro gamer also comes with a few cons, including some of them being dangerous. Swatting is one of the ordeals that players experience – all it takes is for somebody found out where the person lives. Typically, the so-called “trolls” call SWAT teams, claiming that the shooting or similar incidents are taking place at the player's address. While, in most cases, this ends up being a prank with no major consequences, it consumes the valuable time of the special forces and in some cases, even leads to deaths of innocent people.^[6] Doxing is another technique that is frequently used against players.