Take-Two is definitely not having a good time. next Massive leak this weekend GTA VIthat it awful week Keep up with the new news that 2K game support services have been hackedPhishing emails are now sent to customers.
By posting to the official 2K Support Twitter account, 2K explained that its help desk system had been hacked, and that the invader had stolen a whole bunch of customer emails. It says it “has realized that an unauthorized third party has unlawfully gained access to the credentials of one of our suppliers to the help desk platform that 2K uses to provide support to our customers.”
The Twitter statement continues, “The unauthorized party sent a message to certain players containing a malicious link. Please do not open any emails or click on any links you receive from your 2K Games support account.” (their focus).
This is a very disastrous problem for 2K. Usually when a network intrusion is detected, companies can determine that even if email addresses are accessed, they can reassure and hash passwords, not access credit card information, etc. But here, it is clear that the attacker was able to physically use 2K systems to contact customers from the official account, thus bypassing any of the usual spam filters or logical nonsense detectors a person might have.
2K has taken its “support portal” offline while they try to figure out what the heck happened, which isn’t a great look, especially in the week of NBA 2K23‘s release. The statement says, “We will issue a notice when you can resume interacting with official 2K help desk emails,” which is…not a foolproof method. Firstly, it gives the impression that there might be a time when a previously unread phishing email would be safe to click on, and secondly, it hardly reaches people who’ve received the email, who aren’t fortunate enough to have noticed the tweet (or read the press coverage).
Meanwhile, those with open tickets are getting told, at the time of writing, that 2K doesn’t “have estimates on when you’ll receive a reply,” with the somewhat ironic suggestion that they, “stay tuned via email.”
Read More: NBA 2K23: Kotaku review
For those who believe they have already fallen for a phishing scam, 2K recommends that people reset all passwords, enable multi-factor authentication (but avoid text-based verification!), lock down their computers with antivirus software, and Check your account settings to see if any forwarding rules have been added or changed in your personal email accounts.
There is another cause for concern when you notice it A customer realized a potential hack About ten hours before the release of the statement, but it was done procrastinating by the official account. The original customer response Roughly nine hours before the hack was confirmed, saying, “At this point, it’s very clear that you guys were hacked about support-related things.. really make a statement before the damage was too great.”
Many of the responses to the statement come from hated customers, who claim to have lost their accounts or seen money removed from their games. More people have clicked on links in emails, but now they don’t know if they have caused any harm to their devices or accounts, and they are not getting clear answers.
A lot of the scam emails appear to be signed by “Shikhar A”, and contain a link to a .zip file, allegedly a new version of 2K Launcher. It’s a safe bet to say you don’t want to download that, if you receive such an email.
We reached out to 2K to request more details about the attack, and to ask why it took so long to send out the warning, but despite the potential usefulness of the answers to their customers, we were quickly told, “We do not then comment on 2K social media posts related to the topic.” .