If you click on a link and make a purchase we may receive a small commission. Read our editorial policy.

Cybersecurity firm exposes Fortnite vulnerability

If exploited, hackers could have viewed personal information, purchased items, and overheard chat through affected accounts

Epic Games says it has fixed a vulnerability in its sub-domains that could have allowed hackers to gain access to Fortnite accounts, including making purchases with credit cards and viewing personal information.

Variety reports that cybersecurity firm Check Point Software Technologies discovered the flaw in November, and it has just been fixed this month.

"We were made aware of the vulnerabilities and they were soon addressed," an Epic spokesperson said to Variety. "We thank Check Point for bringing this to our attention. As always, we encourage players to protect their accounts by not re-using passwords and using strong passwords, and not sharing account information with others."

Though this is good advice, the security hole actually existed through two Epic Games subdomains that were vulnerable to malicious activities. Essentially, flaws allowed phishing links to be created that appeared to be legitimately from Epic Games. If used, the user's Fortnite authentication token could be stolen and used by a hacker to login without a username and password.

At the moment it does not appear that these vulnerabilities were exploited. Had they been, hackers could have gained access to personal information, made purchases with saved credit cards, or listened to in-game chat through the stolen account.

Tagged With

Author

Rebekah Valentine avatar

Rebekah Valentine

Senior Staff Writer

Rebekah arrived at GamesIndustry in 2018 after four years of freelance writing and editing across multiple gaming and tech sites. When she's not recreating video game foods in a real life kitchen, she's happily imagining herself as an Animal Crossing character.

More News

Latest Articles