A ransomware gang, self-identified as Mogilevich, claims to have breached Epic Games, asserting possession of nearly 200 gigabytes of internal data. As reported by Cyber Daily, the group posted details of the purported breach on its darknet leak site, disclosing information related to Fortnite and Epic Games Store operations.
The message posted by the group states, “We have quietly carried out an attack on Epic Games’ servers,” and asserts access to a range of sensitive information, including emails, passwords, full names, payment details,
source code, and more, totaling 189GB. The group also suggests that this data is available for purchase, providing a link for interested parties.
Epic Games has issued a statement to VGC regarding the situation, indicating an ongoing investigation and expressing skepticism about the legitimacy of the claims. According to Epic Games, there is no evidence to support the allegations, and the group behind the attack, Mogilevich, has not provided any proof despite requests.
Mogilevich has set a deadline of March 4 for potential buyers to acquire the data, although specifics regarding the price and consequences after the deadline are not disclosed.
Cyber Daily reports that Mogilevich is a relatively new ransomware group, with Epic Games being its fourth reported target. Previously, the group targeted Nissan subsidiary Infiniti USA.
As of now, Mogilevich has not substantiated its claims by releasing any concrete evidence of the alleged breach.
In a similar incident, the Rhysida group targeted Insomniac Games in late 2023. After claiming the breach, Rhysida published a portion of the stolen data online, including details from Insomniac’s upcoming Wolverine game. The group then threatened to release the rest of the data within seven days, offering it for auction. Insomniac Games subsequently confirmed the breach and expressed its commitment to addressing the situation promptly.