Netcraft.com noticed that two websites within the ea.com domain were suddenly asking visitors to enter the ID and password for Apple’s online services. First, users filled in that information and were then sent to a second screen and asked to enter information that is even more sensitive — full name, card number, expiration date, verification code, date of birth, phone number, mother’s maiden name — before ultimately being directed to an actual Apple website to give the appearance that they had successfully logged in.
According to Netcraft, the most likely point of entry into the server was a vulnerable, outdated version of WebCalendar.
“The mere presence of old software can often provide sufficient incentive for a hacker to target one system over another, and to spend more time looking for additional vulnerabilities or trying to probe deeper into the internal network,” writes Netcraft’s Paul Mutton.
When reached for comment by the BBC, a rep for EA said it had fixed the problem.
“We found it, we have isolated it, and we are making sure such attempts are no longer possible,” said the rep.