Epic Games Store users may want to keep their eyes peeled on a developing story that sees a dark-web ransomware group by the name of Mogilevich claiming to have stolen nearly 200GB of data from the platform including emails, passwords, full names, payment information, and source code.
News of the potential hack comes from social media site X's Dark Web Informer, a user known for providing Cyber Threat Intelligence (CTI) to the platform to spread awareness of potential breaches to consumers and businesses after threat actors reveal their actions on the Dark Web or wider internet.
Data breaches like the one Mogilevich claims to have pulled off involve threat actors gaining access to private information before holding that information to ransom, usually until a company agrees to pay them to prevent further distribution of the stolen information.
According to BleepingComputer's Lawrence Abrams, Mogilevich is looking to sell the data for just $15K, and won't be providing evidence of the breach to anyone who isn't looking to purchase the data and show "proof of funds" in the process. Abrams believes this claim sounds fishy, and he's not alone.
🚨ALERT🚨Allegedly, #Mogilevich has breached Epic Games.Country: #USA🇺🇸Threat Actor: MogilevichCompany: Epic GamesRevenue: $5.8 BillionData Stolen: 189GBPrice: UnknownDate: 2024-02-27#Ransomware #DarkWeb #DarkWebInformer #Leaks #Leaked #Cybersecurity #Cyberattack… pic.twitter.com/fLrqCGkYo2February 27, 2024
What does Epic Games have to say?
In a follow-up to the news of the breach, Abrams reached out to Epic Games for comment who had the following to say: "We are investigating but there is currently zero evidence that these claims are legitimate."
Epic would also go on to state that, in a move uncommon for most threat actors looking to profit from their actions, "Mogilevich has not contacted Epic or provided any proof of the veracity of these allegations."
Outlook
Mogilevich doesn't have a long and storied history of proving its claims but has been previously linked to breaches involving Ireland's Department of Foreign Affairs and Infinity USA.
As a relatively unknown group, it's somewhat of an unknown quantity in terms of being viewed as a credible threat. However, with Epic Games having found no evidence of a breach (as of the time of writing) and with such a small ransom posted for an otherwise large sampling of stolen information, it's likely that the group could be scamming companies with fake data.
Facing the negative press or stock backlash of data breaches can be enough to force the hand of certain companies into offering up the ransom to make the problem go away fast. This could be the same case here, and if so, users have very little to be concerned about.
However, as a general rule of thumb, if a service you're subscribed to is alleged to be part of a breach, no matter how credible of a threat (and in this case, it seems that Mogilevich may be telling tall tales) it's often a great reminder to refresh your passwords on these platforms to be extra vigilant against breaches.