Origin Accounts Reportedly Being Hijacked, EA Stoic On Database Breach

Accounts with EA’s Origin service are reportedly being hijacked, with what looks like clear evidence of hackers being able to change passwords or email addresses belong to Origin accounts. It’s not obvious at this stage whether it’s something that’s affecting the entire service, or isolated incidents, but it’s looking more likely to be the latter.

Emails from Origin saying that passwords have been changed seems to be the first indicator that an account has been compromised. Digital Foundry‘s Richard Leadbetter was a recent victim of this, although a thread on GAF from two days back shows a fair number of support requests on EA’s own public forums – it’s definitely more than just one or two…

EA are apparently rather steadfast on the opinion that there’s nothing wrong with their security. “At this point, we have no reason to believe there has been any intrusion into our Origin database,” said a spokesperson.

As this becomes more and more frequent, it’s not hard to imagine a future where each and every user account is protected via something like Google’s 2 Step authentication, which requires a six digit code alongside your credentials each time you connect on a new computer. The code is dynamically generated on a smartphone, requiring the hacker to also have physical access to your phone.

8 Comments

  1. 2-step… Whilst not 100%, raises the bar significantly higher – It has to happen.

    Steam requires an extra steo & ActiBlizz’s Battle.net requires authentication when an account is accessed from a new machine. Someone as big as EA should have designed this in from the start.

    This comes after last years problems with EA’s forums & FIFA Ultimate Team.
    You have to wonder how seriously EA take this? Whilst their response in all cases is robust, it’s clear they just don’t do enough.

    • Agreed. It’s a bit of a ball ache but having a PIN text to my mobile makes things quite a bit more secure.

  2. Origin easily should have more security, even a maker of rubbish mmos. Cryptic have something like a authorization thing.

  3. Wow, it took me a week to get access to my Origin account with NFS Most Wanted due to a sign up mistake, and I have the original email and passwords…….I’d have thought it was pretty secure!

  4. Was forced to sign up with bloody origin for dragon age a month ago. bah.

  5. I wonder if that’s why Origin won’t let me use my psn ID for NFSMW, telling me that it’s already in use? Anyway, i don’t see why i need two accounts to play a game on my Vita so i won’t be using Origin.

    • I created an Origin account for BF3 & use same acc for NFSMW.
      (using same PSN ID.)

      Not saying definitely not the cause of your issue.
      So does that mean no autolog for the time being?

      I emailed EA Support re failed attempts to originally setup acc.
      They were quick to reseond & very helpful, a possible avenue, as autolog plays a big role in NFSMW.

  6. just as SW:TOR goes free to play, interesting.

    maybe the influx of new accounts is why origin was targeted right now.

Comments are now closed for this post.