A ransomware gang claims to have hacked nearly 200GB of Epic Games internal data

A ransomware gang claims to have hacked Epic Games, saying it has nearly 200 gigabytes of internal data.

As reported by Cyber Daily, the gang, which goes by the name Mogilevich, posted a message on its darknet leak site giving more information on its claimed leak of the Fortnite and Epic Games Store company.

“We have quietly carried out an attack to Epic Games’ servers,” the message reads.

It also claims to have compromised “email, passwords, full name, payment information, source code and many other data”, amounting to a total size of 189GB.

“Data is also for sale”, it says, adding a link for “an employee of the company or someone who would like to buy the data”.

The gang has given a deadline of March 4 for someone to buy the data, but has not given a specific figure, nor has it indicated what it will do with the data if the deadline passes.

VGC has contacted Epic Games for comment.

According to Cyber Daily, Mogilevich is a relatively new ransomware group, and Epic Games is its fourth target. The first was Nissan subsidiary Infiniti USA, which it hacked last week.

At the time of writing, the group has not released any actual proof that it has successfully hacked Epic Games.

A ransomware gang claims to have hacked nearly 200GB of Epic Games internal data
Epic Games is responsible for Fortnite and the Epic Games Store

When the Rhysida group hacked Insomniac Games in late 2023, it followed up its claim by publishing a small amount of data online as proof, including an annotated screenshot from Insomniac’s upcoming Wolverine game.

The group threatened to publish the stolen data within seven days, but first offered it for auction with a starting price of 50 Bitcoins (approximately $2 million). One week later, it followed through with its threat, reportedly releasing around 98% of the stolen data.

Insomniac then released a statement calling the experience “extremely distressing” and saying it would “continue working quickly to determine what data was impacted”.