Take-Two is definitely not having a good time of it. Following the weekend’s colossal leak of GTA VI, its septimana horribilis continues with the fresh news that its 2K Games support services have been hacked, and customers are now being sent out phishing scams.
Posting to the official 2K Support Twitter account, 2K explained that its help desk platform had been hacked, and the invader made off with a whole bunch of customer emails. It says it “became aware that an unauthorised third party illegally accessed the credentials of one of our vendors to the help desk platform that 2K uses to provide support to our customers.”
The tweeted statement continues, “The unauthorised party sent a communication to certain players containing a malicious link. Please do not open any emails or click on any links that you receive from the 2K Games support account.” (Their emphasis.)
This is a pretty disastrous affair for 2K. Usually when a network intrusion is detected, companies are able to identify that even if email addresses may have been accessed, they can reassure that passwords are salted and hashed, and credit card information was not accessed, and so on. But here, the attacker was clearly able to actually use 2K’s systems to contact customers from the official account, and as such bypass any of the usual spam filters or common-sense bullshit detectors a person may have in place.
2K has taken its “support portal” offline while they try to figure out what the heck happened, which isn’t a great look, especially in the week of NBA 2K23‘s release. The statement says, “We will issue a notice when you can resume interacting with official 2K help desk emails,” which is…not a foolproof method. Firstly, it gives the impression that there might be a time when a previously unread phishing email would be safe to click on, and secondly, it hardly reaches people who’ve received the email, who aren’t fortunate enough to have noticed the tweet (or read the press coverage).
Meanwhile, those with open tickets are getting told, at the time of writing, that 2K doesn’t “have estimates on when you’ll receive a reply,” with the somewhat ironic suggestion that they, “stay tuned via email.”
Read More: NBA 2K23: The Kotaku Review
For those that think they may have already fallen for the phishing scam, 2K recommends that people reset all passwords, enable multi-factor authentication (but avoid text message-based verification!), clog up their PCs with anti-virus software, and “check your account settings to see if any forwarding rules have been added or changed on your personal email accounts.”
There’s further cause for concern when you notice that one customer recognised that a likely hack had occurred some ten hours before the statement was released, but was fobbed off by the official account. The original customer replied almost nine hours before the hack was confirmed, saying, “at this point its very clear that you guys got hacked on support things related.. make a statement already before the damage is too big.”
Many replies to the statement are from bereft customers, claiming to have lost their accounts, or seen money removed from their games. Many more are from people who clicked on the links in the emails, but now don’t know if they’ve caused any harm to their devices or account, and are not getting clear answers.
It seems a lot of the phishing emails are signed by “Shikhar A,” and contain a link to a .zip file, purporting to be a new version of the 2K Launcher. It’s a safe bet to say you don’t want to be downloading that, should you have received such an email.
We reached out to 2K to ask for more details about the attack, and to ask why it took so long to send out the warning, but despite the potential usefulness of answers for their customers, we were briskly told, “We are not commenting beyond 2K’s social media posts related to the matter.”