Epic Games Facing Class-Action Suit Over Fortnite Data Breach
Epic Games is facing a class-action lawsuit after a data breach exposed the personal information of millions of Fortnite users.
The breach in question occurred as early as November 2018. when hackers discovered a way to exploit Fortnite's login system. This flaw allowed them to impersonate players and use their attached bank accounts to purchase V-Bucks.
According to Polygon, Franklin D. Azar & Associates filed the suit in the U.S. District Court in North Carolina on behalf of over 100 class members. The firm claims that Epic Games failed "to maintain adequate security measures and notify users of the security breach in a timely manner." Though Check Point, a cybersecurity research firm, discovered and reported the vulnerability to Epic Games at the end of last year, the publisher did not publicly acknowledge the breach until two months later.
Epic Games shared details about the breach, along with tips players could follow to help prevent further issues; however, Franklin D. Azar & Associate feels they haven't done enough for their players.
"Affected Fortnite users have suffered an ascertainable loss in that they have had fraudulent charges made to their credit or debit cards and must undertake additional security measures, some at their own expense, to minimize the risk of future data breaches including cancelling credit cards associated with their Epic Games/Fortnite accounts and changing passwords for those accounts," asserted the attorneys in their initial investigation.
"Furthermore, Fortnite users have no guarantee that the above security measures will in fact adequately protect their personal information."
Epic Games has fixed this particular security issue. Even so, the suit claims that the company failed to notify directly individual Fortnite users whose personal information may have been compromised. This is not the first time Epic Games has run into security issues. Maybe the lawsuit, whatever the outcome, will push them to prioritize the security of their services.