Take-Two definitely isn’t having a good time of it. Following Weekend heavy leak GTA VIits terrible week continues with the latest news that Its 2K Games Support Service Has Been HackedAnd customers are now being sent phishing scams.
Posting to the official 2K Support Twitter account, 2K reported that its help desk platform had been hacked, and the attacker had taken down a whole bunch of customer emails. It says that “it was discovered that an unauthorized third party has illegally accessed the credentials of one of our vendors on the help desk platform that 2K uses to provide support to our customers.”
The tweeted statement continues, “Unauthorized party sent a communication containing a malicious link to certain players. Please do not open any emails or click on any links you may receive from a 2K Games support account., (His emphasis.)
This is a pretty disastrous affair for 2K. Typically when a network intrusion is detected, companies are able to identify that even though email addresses have been accessed, they can assure that passwords are salted and hashed, and that credit card information was not accessed. was, and so on. But here, the attacker was apparently able to use 2K’s system to contact customers from the official account, and thus bypass any common spam filters or common-sense bullshit detectors that a person might have. It is possible
2K has taken its “support portal” offline while they try to figure out what the heck happened, which isn’t a great look, especially in the week of NBA 2K23‘s release. The statement says, “We will issue a notice when you can resume interacting with official 2K help desk emails,” which is…not a foolproof method. Firstly, it gives the impression that there might be a time when a previously unread phishing email would be safe to click on, and secondly, it hardly reaches people who’ve received the email, who aren’t fortunate enough to have noticed the tweet (or read the press coverage).
Meanwhile, those with open tickets are getting told, at the time of writing, that 2K doesn’t “have estimates on when you’ll receive a reply,” with the somewhat ironic suggestion that they, “stay tuned via email.”
Read More: NBA 2K23: The Kotaku Review
For those who think they’ve already fallen for a phishing scam, 2K recommends that people reset all passwords, enable multi-factor authentication (but avoid text message-based verification!), set up their PCs, and then set up multiple passwords. with anti-virus software, and check your account settings to see if any forwarding rules have been added or changed to your personal email accounts.
There’s Another Cause For Worry When You Notice It A customer believed a possible hack had occurred some ten hours before the release of the statement, but was Imposed by official account. Original customer replied About nine hours before the hack was confirmed, “It’s pretty clear at this point that you guys have been hacked on related things.. make a statement before the damage is too big.”
Many of the responses to the statement come from homeless customers who claim to have lost their accounts, or that money has been taken out of their games. There are many more people who clicked the link in the email, but no longer know if they did any damage to their device or account, and are not getting clear answers.
It seems that a lot of phishing emails are signed by “peak A” and contain a link to a .zip file, which claims to be a newer version of 2K Launcher. It’s safe to say that you don’t want to download it, should you have received such an email.
We reached out to 2K to ask for more information about the attack, and to ask why it took so long to send the warning, but despite the potential usefulness of the replies to their customers, we were swiftly told. Not doing 2K’s social media posts are related to the matter.”