Gaming Cyber Attacks Are On The Rise - But What Is At Risk?

Cyberattacks on gaming sites are becoming increasingly common, up 167% in the past year. But how much personal data do game developers really hold, and is it something that consumers should be concerned about?

A new study by TechRobot analysed the privacy policies of major game developers and found they have a concerning insight into our personalities, intelligence, contacts and private messages. In the event of a cyberattack, hackers can use this information to carry out convincing identity theft.

The gaming industry is huge, with an estimated 3.2 billion gamers worldwide in 2022 and expected to generate $196.8 billion by the end of the year. However, gamers are often unaware that the industry is valuable for an additional reason - data. The data accumulated from gaming achievements, rankings, messages and contacts are highly valuable because it reveals so much about a person’s intelligence and personality, which can then be used for a variety of purposes, including to market a new product.

If used nefariously, this information can easily be used to impersonate someone or carry out identity theft, perhaps explaining why cybercriminals are increasingly targeting the gaming industry.

However, it’s not just cybercriminals that are targeting this data. It was shockingly discovered that 78% of game developers are selling this information to third parties. As the gaming industry grows so do the opportunities to harvest data.

Some key findings from the report include:

  • 89% of game developers monitor users’ private conversations.
  • 90% of developers track gamers’ actions and 78% store data on scores and rankings- enough information to understand gamers’ intelligence and personality.
  • Gamers with a Riot Account have the most data collected about them- the developer collects 81% of the data points investigated.

Game developers are monitoring private conversations

Although much of the internet is not private, one thing consumers would like to think stays private is their personal messages. However, Techrobot has found that this is not the case. In fact, 89% of game developers have access to these conversations and are storing the information. This means that if hacked, private conversations and images could be leaked. Perhaps of more concern, however, is the fact that these messages could be used to impersonate you and carry out highly convincing identity theft.

Game developers are collecting information that alludes to your personality and intelligence

At first glance, this may not seem worrying. However, access to this information could come with serious consequences. If this information is hacked, cybercriminals could easily use it to impersonate you.

However, identity theft is not the sole problem. Similar data to this has been used by the Chinese government to create a social ranking system. It is not unlikely that in the case this system is adopted in other countries, game developers could sell your data unknowingly to governments to help create social profiles.

In the study, it was revealed that almost 90% of online game developers track registered gamers’ actions when they are playing, 78% store data on individual players’ scores and rankings and 56% follow game achievements, including how long it takes to complete tasks. This data can easily be used to create a profile on a user’s personality, intelligence and behaviours.

If this were to happen, certain behaviours and actions whilst playing games could be used against individuals. For example, if an individual was particularly violent whilst playing games, it could be used to create an image of that person as predisposed to violent behaviour, thus lowering their social ranking.

Microsoft and Riot games are amongst the household name brands that are harvesting user data

TechRobot found the top three most invasive game developers were Riot, Rockstar Games and Microsoft. Out of the data points investigated, Riot collected 81%, Rockstar games collected 75% and Microsoft games collected 74%.

While it may seem unlikely for this data to be used nefariously, in 2022 the popular game NEOPETS was hacked by cybercriminals targeting data. The database had access to the personal and private information of 69 million users, which the hacker offered to sell for £75,500 in Bitcoin.

The most popular games are more likely to be targeted by hackers, due to the amount of data they hold. This means that the most invasive and most risky games to play online are League of Legends, GTA Online, Minecraft, Apex Legends and Final Fantasy XIV. The details of these games are shown below:

How can gamers keep themselves safe?

It is not only the gaming industry that collects user data and much of the data collected is used to improve and update games and gaming over time. However, it becomes an issue when companies are storing this data and passing it on. This may not stop gamers from continuing to play their games, but gamers should become familiar with the risks, and if possible take steps to reduce them.

TechRobot looked into whether it was possible to play games whilst keeping your data safe online and minimising the risk to an individual.

The following are the main ways in which experts suggest protecting your data while playing games online:
  1. Install a VPN
  2. Pick a strong password
  3. Reduce your data online

Install a VPN

VPN stands for ‘Virtual Private Network’ and is a service which protects some of your data online. A VPN essentially encrypts your data, to protect your identity, as well as hiding your IP address so that your location is unknown. This ensures extra protection against hacking and data harvesting and makes it harder to build an accurate picture of your identity.

However, it is necessary to keep in mind that certain games have banned the use of a VPN, so it i’s always useful to check their terms and conditions. In addition, VPNs can sometimes slow down the gaming experience, so it is best to reserve their use for single-player and PC games only.

Pick a strong password

Cliche and overused advice. However, it works. If a hacker does gain access to an individual's account, it is likely they will have access to passwords. This means if someone has the same password for banking or other sensitive accounts, that information could be compromised.

Reduce your data online

Gamers can be picky with the data they put online, by only entering essential information and being aware of the data that is asked of them. This will ensure that users minimise risk and maximise privacy whilst playing games online.

To conclude, we live in a data age, and it is essential for the running of modern-day life. In gaming, data is essential to improve the metrics, functioning and development of games. However, it is of concern that gaming cyberattacks are on the rise. Gamer data is valuable, and it’s of no surprise that cybercriminals are targeting the gaming industry. Additionally, there is the question of whether gaming companies should be trusted with user data, or whether there’s a likelihood that they could be selling user data for nefarious purposes. It is, therefore, imperative that gamers are educated on the ways can keep themselves safe online, and to be aware of the risks surrounding data, so that they can make informed decisions as to which games they choose to play.

Read next: This Research Shows Meta Apps Are Extremely Vulnerable to Cyber Attacks
Previous Post Next Post