Hype is growing for the FIFA 20 Global Series, the qualification system in place for the FIFA eWorld Cup, with the registration deadline for next weekend's event closing in. As players rushed to register, however, a bit of a disaster happened.
Electronic Arts has now confirmed that the personal information of as many as 1,600 FIFA 20 Global Series registrants may have been made public. For these affected FIFA 20 players, there's little that can be done.
The issue cropped up on Thursday with the launch of FIFA 20 Global Series registration. Players opening the registration page were presented not with blank fields to fill out, but with details already filled in from other registrants' accounts. The information made available included email addresses, EA Account IDs, country of residence, and birth dates. The information was easily accessible, but it's unclear whether the information was made more broadly available through, say, a publicly open database.
Electronic Arts was able to recognize the issue and take down the registration website within 30 minutes. But, as previously noted, approximately 1,600 players had their data vulnerable during this period of time. EA is currently in the process of reaching out to each of FIFA 20 Global Series registrants who were affected and informing them of the incident. Anyone who believes they might have been one of those who registered extremely quickly should change their EA account password, just in case.
In addition to acknowledging the data leak, EA also offered up an apology for the issue. "Player privacy and security are of the utmost importance to us, and we deeply apologize that our players encountered this issue today." At the time, EA promised the registration page would be up again in the days to follow, which it held true to. FIFA 20 esports players wanting to join in on the Global Series event next weekend can register on the official website right now.
An update on the EA SPORTS FIFA 20 Global Series registration page issue from October 3. pic.twitter.com/t5R6HwYd3I— EA SPORTS FIFA (@EASPORTSFIFA) October 4, 2019
While all that the majority of people saw is some account information for a single player, that alone means that a database was incorrectly open to access. A hostile user could theoretically use this open access to create a much worse data breach, including account information otherwise unseen. EA has said the breach was limited to 1,600 players, at least, but the risk of a larger breach is certainly there.
FIFA 20 is available now on Nintendo Switch, PC, PS4, and Xbox One.