Epic's Fortnite might be the biggest game in the world right now, but until recently the smash hit boasted a pretty sizeable security flaw, too.
That's according to Variety, who reports that Check Point Software Technologies discovered that hackers could take over Fortnite accounts, buy items using their credit cards and even, um, tap into users' microphones and listen to conversations from their home.
This was due to flaws in that way taht Epic's web infrastructure worked, with researchers from Check Point finding they could steal a user's access info via the authentication process used via the likes of Xbox, Google and Facebook.
Users had to click on a link from a phishing scam, with hackers able to access the account without even entering any login information.
The organisation alerted Epic Games straight away, with the firm saying that it has fixed the hole this month
“We were made aware of the vulnerabilities and they were soon addressed,” a spokesperson for Epic said.
“We thank Check Point for bringing this to our attention. As always, we encourage players to protect their accounts by not re-using passwords and using strong passwords, and not sharing account information with others.”
Check Point's head of product vulnerability Oded Vanunu added: “Fortnite is one of the most popular games played mainly by kids. These flaws provided the ability for a massive invasion of privacy. Together with the vulnerabilities we recently found in the platforms used by drone manufacturer DJI, show how susceptible cloud applications are to attacks and breaches. These platforms are being increasingly targeted by hackers because of the huge amounts of sensitive customer data they hold. Enforcing two-factor authentication could mitigate this account takeover vulnerability.”
