Alleged Epic Games Store hack may include passwords and payment info — should you be worried?

Epic Games Store logo with thief peeking from behind the logo with a swag bag full of data
(Image credit: Epic / Laptop Mag / Rael Hornby)

Epic Games Store users may want to keep their eyes peeled on a developing story that sees a dark-web ransomware group by the name of Mogilevich claiming to have stolen nearly 200GB of data from the platform including emails, passwords, full names, payment information, and source code.

News of the potential hack comes from social media site X's Dark Web Informer, a user known for providing Cyber Threat Intelligence (CTI) to the platform to spread awareness of potential breaches to consumers and businesses after threat actors reveal their actions on the Dark Web or wider internet.

Data breaches like the one Mogilevich claims to have pulled off involve threat actors gaining access to private information before holding that information to ransom, usually until a company agrees to pay them to prevent further distribution of the stolen information.

According to BleepingComputer's Lawrence Abrams, Mogilevich is looking to sell the data for just $15K, and won't be providing evidence of the breach to anyone who isn't looking to purchase the data and show "proof of funds" in the process. Abrams believes this claim sounds fishy, and he's not alone.

See more

What does Epic Games have to say?

In a follow-up to the news of the breach, Abrams reached out to Epic Games for comment who had the following to say: "We are investigating but there is currently zero evidence that these claims are legitimate."

Epic would also go on to state that, in a move uncommon for most threat actors looking to profit from their actions, "Mogilevich has not contacted Epic or provided any proof of the veracity of these allegations."

Outlook

Mogilevich doesn't have a long and storied history of proving its claims but has been previously linked to breaches involving Ireland's Department of Foreign Affairs and Infinity USA.

As a relatively unknown group, it's somewhat of an unknown quantity in terms of being viewed as a credible threat. However, with Epic Games having found no evidence of a breach (as of the time of writing) and with such a small ransom posted for an otherwise large sampling of stolen information, it's likely that the group could be scamming companies with fake data.

Facing the negative press or stock backlash of data breaches can be enough to force the hand of certain companies into offering up the ransom to make the problem go away fast. This could be the same case here, and if so, users have very little to be concerned about.

However, as a general rule of thumb, if a service you're subscribed to is alleged to be part of a breach, no matter how credible of a threat (and in this case, it seems that Mogilevich may be telling tall tales) it's often a great reminder to refresh your passwords on these platforms to be extra vigilant against breaches.

More from Laptop Mag

Category
Arrow
Arrow
Back to Gaming Laptops
Brand
Arrow
Processor
Arrow
RAM
Arrow
Storage Size
Arrow
Screen Size
Arrow
Colour
Arrow
Condition
Arrow
Price
Arrow
Any Price
Showing 10 of 96 deals
Filters
Arrow
Load more deals
Rael Hornby
Content Editor

Rael Hornby, potentially influenced by far too many LucasArts titles at an early age, once thought he’d grow up to be a mighty pirate. However, after several interventions with close friends and family members, you’re now much more likely to see his name attached to the bylines of tech articles. While not maintaining a double life as an aspiring writer by day and indie game dev by night, you’ll find him sat in a corner somewhere muttering to himself about microtransactions or hunting down promising indie games on Twitter.