Epic Games is facing a lawsuit in the United States as a result of a security breach detected earlier in the year in Fortnite accounts.

The security breach was discovered and explained by Check Point Research. The method consisted only of sending a link to the target user. If the user clicked on that link, the attacker was able to obtain the user name and password of the Fortnite account.

With this method the attacker was able to “take control of any player’s account, view his personal information in the account, buy V-Bucks, Fortnite’s virtual currency, and spy and record conversations taking place in the game and at home”.

After being notified, Epic Games fixed the vulnerability, but according to law firm Franklin D. Azar & Associates, which initiated the process, did not warn users that their personal information could have been compromised.

“Epic Games has not yet informed or directly notified individual Fortnite users that their information may have been compromised as a result of the security breach,” said the firm (via Polygon).

The lawsuit is a joint legal action made up of more than 100 people. Epic Games declined to comment on the lawsuit.

Tagged in: