ESEA, one of the most popular video gaming websites in the world has suffered a major hacking attack in which the account details of 1.5 million users have been stolen and leaked, according to sources.
A spokesperson of Leaked Source, a website that reports hacking incidents in real time, has confirmed that ESEA has lost to hackers the account details of more than 1.5 million of its users in the attack that occurred towards the end of December, last year.
According to ESEA, the hacking must have taken place a few days before they acknowledged the breach on December 27th, 2016. The company posted a message indicating that its database had suffered a security breach by unknown criminals but that it was taking all the necessary actions to correct the situation.
‘We were made aware of a security breach on our website and that some data of our users may have been stolen,’ the company said in a statement.
The company went further to say that it was resetting the passwords and other security features of the accounts of its users in a bid to deal with the situation and minimise the damage arising from the breach.
.@BigSecurityNews confirmed my ESEA account info after they asked a couple 'larger' followed users to help verify
— Jimmy Whisenhunt (@jimmywhis) January 8, 2017
However, in an interesting twist of events, it appears that there was an extortion attempt as part of the saga. Credible reports indicate that after the hackers had successfully accessed the database of ESEA and laid their hands on the personal details of the millions of users of the website, the hackers contacted the company and demanded $500,000 as ransom.
It appears that the hackers promised to keep quiet about the breach, keep the stolen data and reveal the flaws that they had exploited in exchange for the ransom money. However, it has been reported that the parent company of ESEA, Turtle Entertainment, refused to give in to the demands of the hackers, thus prompting the hackers to leak the personal details of millions of users of ESEA.
Leaked Source reports that the hackers managed to access include the following: the dates of birth of the users, their email addresses, passwords, names, and personal websites.
So far, ESEA has not made a public statement about the extortion claims. However, given that the company has acknowledged that a breach did take place and that it has been working to address the situation, observers will be keen to follow new developments to the story as they unfold.