'Fortnite' security flaw allowed hackers to make purchases, listen to players

The popular video game “Fortnite” had a security flaw in its platform that could have allowed hackers to access sensitive user data, cybersecurity firm Check Point announced on Wednesday.

Continue Reading Below

Check Point said that some of “Fortnite” publisher Epic Games’ sub-domains had a flaw that could have allowed hackers to take control of player accounts if they clicked on a malicious link. Once clicked, the hackers could access account data, use their victims’ payment methods to buy “Fortnite” in-game currency and even listen to their conversations on the game’s platform – all without passwords or other log-in information.

The firm alerted Epic Games to the flaw in November and it was fixed by January, Variety reported.

“We were made aware of the vulnerabilities and they were soon addressed,” an Epic Games spokesperson said. “We thank Check Point for bringing this to our attention. As always, we encourage players to protect their accounts by not re-using passwords and using strong passwords, and not sharing account information with others.”

“Fortnite” has more than 200 million registered users. Epic Games recorded a $3 billion profit in 2018 based largely on the game’s success, according to TechCrunch.


As more players flock to “Fortnite,” the company’s practices have drawn scrutiny. The Better Business Bureau gave Epic Games an “F” rating earlier this month, alleging that it had failed to respond to hundreds of customer complaints.