Leaking Game Accounts Can Be An Entry Point For Attacks On Companies, Here's The Explanation!

JAKARTA - Kaspersky's latest study revealed that 11 million game account credentials were leaked, of which 5.7 million were Steam accounts, and 6.2 million others from Epic Games Store, Battle.net, Ubisoft Connect, GOG, and EA applications.

Modern businesses may not consider themselves part of the gaming ecosystem, however, the global cybersecurity firm stressed that they could still be in danger.

"For example, through employees who register on entertainment platforms using the company's email address," the company wrote in a statement.

Because, Kaspersky Digital Footprint Intelligence studies show that 7% of Netflix, Roblox, and Discord users whose accounts leaked register there using the company's email address.

Well, the fact that employees may use corporate email to register private services, including games, is what will pose a cybersecurity risk.

Digital Footprint Intelligence Analyst at Kaspersky, Polina Tretyak noted, if the company's email is exposed in information leakage, it has the potential to open the door to the company's wider threat.

"For example, attackers can contact employees and lure them to install malware on company devices or force them to break into passwords," Polina explained.

If the password uses predictable patterns, Polina said, the password burglary process may only take about an hour or less.

"In addition, fraudsters can gain access to various non-company systems under employee accounts and retrieve some important data, and access company resources," he explained.

In addition, infostealers also often disguise themselves as hacked games, software cheats, or unofficial mods. They are used by threat actors who want to steal any sensitive information.

In addition to the dangers that infostealers can pose, this dangerous package is very dangerous in a hybrid environment and carries your own device (BYOD).