Home Gaming Epic Games hit with class-action suit over last year’s Fortnite data breach

Epic Games hit with class-action suit over last year’s Fortnite data breach

1 min read

Last year, Epic Games was subject to a data breach that potentially exposed login details for millions of user accounts. The breach came through an exploit that allowed attackers to steal credentials through single link clicks. As Check Point Research detailed when the 2018 attacks were acknowledged in January this year:

“By discovering a vulnerability found in some of Epic Games’ sub-domains, an XSS attack was permissible with the user merely needing to click on a link sent to them by the attacker. Once clicked, with no need even for them to enter any login credentials, their Fortnite username and password could immediately be captured the attacker.”

Now, Epic Games has been hit with a class-action law suit for the attacks. Law firm Franklin D. Azar & Associates has grouped together 100 complainants, claiming that Epic failed “maintain adequate security measures and notify users of the security breach in a timely manner.”

Says the firm:

“…Affected Fortnite users have suffered an ascertainable loss in that they have had fraudulent charges made to their credit or debit cards and must undertake additional security measures, some at their own expense, to minimize the risk of future data breaches including cancelling credit cards associated with their Epic Games/Fortnite accounts and changing passwords for those accounts.”

Furthermore, Fortnite users have no guarantee that the above security measures will in fact adequately protect their personal information. Fortnite users therefore have an ongoing interest in ensuring that their personal information is protected from past and future cybersecurity threats.”

While this does seem a little on the opportunistic side – given that Epic is raking in Billions of Fortnite Dollars every month – the company does have an obligation to keep its users records safe.

Last Updated: August 12, 2019


  1. Darren Peach

    August 12, 2019 at 11:26

    Who else is going to hold them accountable ? Just out of interest ?


  2. Yahtzee

    August 12, 2019 at 11:34

  3. Raptor Rants

    August 12, 2019 at 11:34

  4. Mark Treloar

    August 12, 2019 at 12:03

    My account was hacked, but I don’t leave my CC details on my account so lost nothing


  5. For the Emperor!

    August 12, 2019 at 14:41

    Tip 1: Do not click on links in emails unless you first make sure the source is 100% trusted. Got a few fake Blizzard mails back in the day.
    Tip 2: As far as possible, refrain from saving card information. Steam, Blizzard etc I do not save that info and type it in each time.

    That said: Yes, the service providers should do their part to protect their systems as well!


Leave a Reply

Your email address will not be published. Required fields are marked *

Check Also

Manchester United Sues Football Manager Over Use of their Name and Fan Mods

Manchester United, that massive global football brand whose fans are as equally annoying a…