The report comes from Cyber Daily, who also broke the news of last year’s confirmed hack attack on Insomniac Games. The site claims that new ransomware group Mogilevich are the culprits, as per the screencap of a darkweb posting above, and that the hackers are now trying to get Epic or another party to pay up for the return of the data, with a deadline of 4th March.
Epic, however, say that they’ve yet to see any proof that a ransomware attack has taken place. “We are investigating but there is currently zero evidence that these claims are legitimate,” a spokesperson told Eurogamer this morning.
That’s not a requirement. You can make payments without one though the odds of approval aren’t great. If the actual real card numbers got leaked, you need to cancel that card. Also if they actually leaked REAL card numbers, Epic is going to be in deep shit with the card brands.
This article has no real details though so we’ll see. I kind of doubt this is legit.
I guess the answer is money, but why would you do any handling of card details in-house. Having a third party process transactions passes to some degree ensuring security onto said third party.
I’d still doubt any risk of full card details being leaked unless the hack goes much deeper than just Epic.