In yet another example of a cyber security breach, the EA server was recently hacked, and its website was used to host a phishing site intended to steal Apple IDs. Unfortunately, such online security breaches are becoming more common as hackers take advantage of vulnerable servers with inadequate security measures. How can companies protect against these attacks? In most cases, the answer may be as simple as investing in reliable web hosting. So, why are these breaches still happening if the remedy is so simple?
According to experts at Netcraft, the security firm that discovered the breach, hackers reached the EA server through two websites located in the ea.com domain. This location was left open to security vulnerabilities because it contained an older type of software. These vulnerabilities compromised the server, allowing it to be attacked. Simply hosting outdated software on a server is an invitation to be hacked. Many businesses neglect these types of software vulnerabilities, which can rapidly lead to the victimization of company servers.
The hackers who took advantage of the EA server created a phishing site that attempted to steal Apple IDs from consumers. This site appeared legitimate, asking for the user’s Apple ID and password – as well as verification of name, phone number, date of birth, mother’s maiden name, credit card number, expiration date, verification code, and other information that could be used to steal the user’s identity. If the victim made it through the entire process, he or she was simply redirected to the actual Apple ID site, most likely never realizing the information had been stolen by a third party.
EA is currently investigating this security breach. Company representatives have stated that customer privacy and security are their top concerns, and they have taken steps to disable any fake websites hosted by hackers on the EA. Fortunately for consumers, Netcraft reacted swiftly by adding the hacked EA page to a list of phishing sites, which is used by all major web browsers to ensure that consumers are protected from these online threats.
Servers are often vulnerable to these types of security breaches. However, companies can protect themselves by investing in a reliable web hosting provider that prioritizes best practices. By considering these factors, companies can ensure that web hosting puts security first.
Could the EA server compromise have been prevented? It’s difficult to say, based on the information that’s been made available. However, best practices are just that – best practices, and in order to prevent security lapses, such elements need to be considered, implemented, and optimized.
Get more delivered to your inbox just like it!