Join GamesBeat Summit 2021 this April 28-29. Register for a free or VIP pass today.


Some gamers are finding purchases that they didn’t make in their accounts for Electronic Arts’ Origin service. It’s probably time to change your passwords again.

A significant number of people are reporting that hackers have accessed their Origin accounts. In a thread on the Internet-aggregation site Reddit, dozens of people have said they’ve seen unauthorized activity on gaming networks. This is potentially the result of many recent hacks that leaked passwords for a number of websites and online services. One hack in November distributed personal information from PlayStation Network, Windows Live, and 2K Games servers. Another hit Amazon, Walmart, and porn site Brazzers.

We asked EA for a comment, and it provided the following statement:

“We found no indication at this point of a breach of our Origin account database. Privacy and security of user account information are of the utmost importance to us. We encourage our players to use Origin user ID and passwords that are unique to their account and to report any activity they feel may be unauthorized to EA customer support at help.ea.com.”

On message boards and social media, people are reporting that they are seeing receipts for Origin in German show up in their email. Others are seeing Russian.

A smaller number of people are reporting fraudulent activity on their Steam accounts, which is game publisher Valve’s PC software service.

For both Origin and Steam, it is possible that the hackers did not get into EA’s or Valve’s respective servers. Instead, it is likely that this activity is the result of one of the recent publicized attacks, and hackers are trying email and password combinations on other sites.

Origin is a popular target for people with stolen emails and passwords. It often has saved payment information and the purchases are instant. Many people also do not use two-factor authentication on Origin, which requires an instant code that is sent to an email account or special app.

But even Steam, which forces everyone to use two-factor, cannot stop intrusions if the hackers have access to the account holder’s email as well.

To correct false charges, you’ll probably have to get on the phone with your credit-card company or EA. The publisher’s support staff is used to dealing with this kind of thing — I speak from experience. You’ll also have to update your password and security question.

Even if your account hasn’t suffered any weird activity yet, it’s probably a good time to update your passwords. You can avoid the kind of aforementioned cross contamination during hacks if you use a different password for every site you visit. Otherwise, a hacker only needs to succeed once to take over all of your web accounts.

GamesBeat

GamesBeat's creed when covering the game industry is "where passion meets business." What does this mean? We want to tell you how the news matters to you -- not just as a decision-maker at a game studio, but also as a fan of games. Whether you read our articles, listen to our podcasts, or watch our videos, GamesBeat will help you learn about the industry and enjoy engaging with it. How will you do that? Membership includes access to:
  • Newsletters, such as DeanBeat
  • The wonderful, educational, and fun speakers at our events
  • Networking opportunities
  • Special members-only interviews, chats, and "open office" events with GamesBeat staff
  • Chatting with community members, GamesBeat staff, and other guests in our Discord
  • And maybe even a fun prize or two
  • Introductions to like-minded parties
Become a member