you are not logged in

Epic Games Issuing Refunds After Fraudulent Fortnite Activity

A “well known” hacking technique has been used on some Fortnite accounts resulting in hundreds of dollars of fraudulent in-game purchases.

“We are aware of instances where users’ accounts have been compromised using well-known hacking techniques and are working to resolve these issues directly with those players affected. Any players who believe their account has been compromised should reach out to our player support immediately,” said Epic in a statement to Kotaku.

Epic are now issuing refunds to any players who may have been compromised and urge people to turn on the two step authentication procedure they have recently added. However, if this was such a “well known” technique then the question is why weren’t Fortnite players protected from it?

You can contact Epic player support here.

Source: Kotaku / Gamasutra

  1. Starman
    Since: Jul 2011

    Epic have been warning users about fake sites offering free in game currency, so it’s probably that. Also not much they can do when users are entering their details on said sites.

    Comment posted on 14/03/2018 at 11:32.
    • MrYd
      Since: Mar 2011

      Yes, it does sound like it’s some sort of phishing thing, although is that really hacking? Possibly some of those dodgy sites you mention are installing nasty stuff to get the info that way?

      Either way, it doesn’t sound much like Epic’s fault. And they deserve some credit for sorting it out and issuing refunds. (Although, that may well be in their interest anyway. A load of disputed charges isn’t great for them)

      Don’t go to dodgy websites pretending to offer free stuff, and turn on two factor authentication wherever it’s available. It’s potentially worse if that option is available and you don’t turn it on than it is if it’s not available. If someone gets in to your account and turns it on themselves, it’ll be even harder to sort out.

      Comment posted on 14/03/2018 at 12:15.
  2. Mr.Gorha
    Since: May 2009

    I had an email saying I’d been locked out of my account for multiple failed logins.

    I can only assume the well known technique is “Try ‘password’ for the password”.

    My account is safe, they didn’t get in.

    Comment posted on 14/03/2018 at 13:39.
    • Mr.Gorha
      Since: May 2009

      Just for clarity, obviously I’ve not used phishing sites, downloaded fortnite directly through PSN and like all well aged PSN users I don’t keep any card details on my account.

      Comment posted on 14/03/2018 at 13:40.
    • MrYd
      Since: Mar 2011

      Sounds like they’ve at least got some security there then, if it locks you out after multiple failures.

      I’d guess either someone was using passwords that have leaked from somewhere else and hoping you’ve reused one (which is obviously not a good thing to do), or some sort of dictionary attack. Which gets foiled by the multiple login thing. Unless your password is “aardvark” or something.

      Comment posted on 14/03/2018 at 15:53.