A web server belonging to Electronic Arts has been hacked and is now hosting a phishing website, according to what Paul Mutton from internet security firm Netcraft uncovered. Mutton said that hackers probably exploited a vulnerability in an online calendar application hosted on the web server to gain entry. The hacking group Derp has claimed responsibility for the hack and the phishing scheme. EA said that it is investigating Netcraft's claims.
The phishing scheme apparently ask users for a bunch of personal information like Apple IDs, credit card information and other personal info.
"The mere presence of old software can often provide sufficient incentive for a hacker to target one system over another, and to spend more time looking for additional vulnerabilities," he wrote.
One users give out all their personal information to the fake site, they are passed on to a legitimate Apple ID website to avoid detection.
Mutton says that he has informed EA about the site, but that it appeared to be online still the last time he checked.
You can read his entire post on the subject here.