Take-Two is definitely not having a good time. Next colossal leak of the weekend GTA VIhis awful week continues with fresh news that its 2K Games support services have been hackedand customers are now being sent out to phish you.
Posting on the official 2K support account on Twitter, 2K made it clear that the support platform was hacked and the invader escaped with a mass of customer emails. It says it has “learned that an unauthorized third party has illegally accessed one of our vendors’ credentials for a support platform that 2K uses to support our customers.”
The statement posted on Twitter continues: “An unauthorized site has sent some players a message containing a malicious link. Do not open any emails or click on any links received from your 2K Games Support account.” (Their emphasis.)
This is quite a disaster for 2K. Typically, when a network intrusion is detected, companies are able to conclude that even if email addresses could be accessed, they could ensure that passwords were encrypted and encrypted, and credit card information was not available, and so on. But here the attacker was clearly able to use 2K’s systems to contact customers from their official account and as such bypass any regular spam filters or common-sense crap detectors an individual might have.
2K has shut down their “support portal” as they try to figure out what the hell happened that doesn’t look very good, especially during the week NBA 2K23edition. The statement says, “We’ll send you a notification when you can resume interacting with the official 2K support emails,” which is not … a foolproof method. Firstly, it gives the impression that there may come a time when it is safe to click on a previously unread phishing email, and secondly, it hardly reaches the people who received the email who are unlucky enough to notice the tweet (or read the press reports ).
Meanwhile, those with open tickets are informed at the time of writing that 2K “has no estimates of when you will get a reply”, with the somewhat ironic suggestion that they “leave on-the-fly by email”.
Read more: NBA 2K23: Kotaku Review
For those who think they’ve fallen into a phishing scam, 2K recommends that they reset all passwords, turn on multi-factor authentication (but avoid text-based authentication!), Clog their computers with antivirus software, and “check your account settings to check if any forwarding rules have been added or changed in your personal email accounts ”.
There is another cause for concern when you notice this one client noted that there was a possible break-in about ten hours before the statement was issued, but it was … set off through the official account. The the original customer replied almost nine hours before the break-in was confirmed, saying “at this point it is very clear that you have been hacked on support stuff … make a statement before the damage is too much”.
Many responses to the statement come from aggrieved customers claiming to have lost their accounts or seen money removed from their games. A lot more comes from people who clicked on links in emails but now don’t know if they’ve harmed their devices or account, and they don’t get clear responses.
Many phishing emails appear to be signed with “Shikhar A” and link to a .zip file, allegedly a new version of 2K Launcher. It’s safe to say you don’t want to download it if you’ve received such an email.
We contacted 2K to ask for more details about the attack and to ask why it took so long to send the alert, but despite the potential usefulness of the response to their customers, we were quickly told: “We are not commenting beyond 2K Social Media Entries related to this case. . “