FIFA 20’s troubles aren’t set to subside any time soon. A data breach on the FIFA 20 Global Series registration page meant that the confidential information of an unknown number of players was free for others to see for multiple hours.
Player Data Breach
Yesterday, EA opened up registrations for its latest eSports venture, FIFA 20 Global Series, this year’s iteration of a season-long series of competitive events leading to the FIFA eWorld Cup.
Shortly afterward, players began reporting that they could access the details of other players who had already signed-up upon clicking the verification link sent to them after registering. The data included email addresses, gamer tags, country of residence, and date of birth.
Users took to Twitter to voice their concern;
EA responded over four hours later with a tweet warning of a ‘potential issue.’ EA took down the registration page for the FIFA 20 Global Series soon after.
However, the damage was already done. Twitter users reported desperately failing to regain ownership of their accounts via EA’s two-factor-authorization system, and receiving unsolicited verification codes.
Earlier today, EA released a cookie-cutter statement on the breach, confirming the site had been shut down within 30 minutes of registration going live. The publisher explained it has found the cause of the data breach and implemented a fix to ensure the protection of personal data moving forward.
EA estimates the breach affected 1600 FIFA 20 players. The company says;
We are taking steps to contact those competitors with more details and protect their EA accounts.
The statement continues;
Player privacy and security are of the utmost importance to us, and we deeply apologize that our players encountered this issue today.
Going by yesterday’s breach, this clearly isn’t the case, and EA seemingly has little to no regard for confidential player data.
Registrations for the FIFA 20 Global Series will go live once again in the coming days. After the breach, enthusiasm for the event has likely waned in the interim.
One Twitter user pointed out that beyond opening up affected players to all manner of problems, as well as raising questions about what measures EA takes to protect user privacy, the company could be in for some trouble for breaching GDPR data protection laws. The gaming giant may have a hefty fine to settle.