Epic Games blocked the weakness quietly without informing anyone.
In November, Check Point found a weakness in the popular Fortnite game, which allows hackers to steal user accounts. There are more than 80 million active players in Fortnite.
The researchers of the Israeli cyber company found that the weakness is in several places in the structure of the game, but the main vulnerability is in the login function. They discovered that hackers can track the unique tokens that users get when entering the system.
Users who logged in through SSO (Single sign on) such as Facebook, Google or XBox or PS received links that referred them directly to hackers. Although it looks like a phishing attack, it is a much more complex weakness.
Check Point also posted a short video demonstrating the weakness.
Epic Games, who developed the popular game, closed the weakness back in late November but did not update anyone. It is possible that because there are players from Europe, they have violated the GDPR rules.