Take-Two is definitely not having a good time of it. Following the weekend’s colossal leak of GTA VI, its septimana horribilis continues with the fresh news that its 2K Games support services have been hacked, and customers are now being sent out phishing scams.
Posting to the official 2K Support Twitter account, 2K explained that its help desk platform had been hacked, and the invader made off with a whole bunch of customer emails. It says it “became aware that an unauthorized third party illegally accessed the credentials of one of our vendors to the help desk platform that 2K uses to provide support to our customers.”
2K has taken its “support portal” offline while they try to figure out what the heck happened, which isn’t a great look, especially in the week of NBA 2K23‘s release. The statement says, “We will issue a notice when you can resume interacting with official 2K help desk emails,” which is…not a foolproof method. Firstly, it gives the impression that there might be a time when a previously unread phishing email would be safe to click on, and secondly, it hardly reaches people who’ve received the email, who aren’t fortunate enough to have noticed the tweet (or read the press coverage).
Meanwhile, those with open tickets are getting told, at the time of writing, that 2K doesn’t “have estimates on when you’ll receive a reply,” with the somewhat ironic suggestion that they, “stay tuned via email.”
Read More: NBA 2K23: The Kotaku Review
For those that think they may have already fallen for the phishing scam, 2K recommends that people reset all passwords, enable multi-factor authentication (but avoid text message-based verification!), clog up their PCs with anti-virus software, and “check your account settings to see if any forwarding rules have been added or changed on your personal email accounts.”
There’s further cause for concern when you notice that one customer recognized that a likely hack had occurred some ten hours before the statement was released, but was fobbed off by the official account. The original customer replied almost nine hours before the hack was confirmed, saying, “at this point its very clear that you guys got hacked on support things related.. make a statement already before the damage is too big.”
Many replies to the statement are from bereft customers, claiming to have lost their accounts, or seen money removed from their games. Many more are from people who clicked on the links in the emails, but now don’t know if they’ve caused any harm to their devices or account, and are not getting clear answers.