The recent security breach of Fortnite has dragged it into a class-action lawsuit. The reason contributing to the action is the access that hackers got to the personal information of the players who have confided that in Fortnite to enjoy just the gaming session and not the fuss.
The lawsuit was filed by Franklin D. Azar & Associates in U.S. District Court in North Carolina, alleging that Epic’s “failure to maintain adequate security measures and notify users of the security breach in a timely manner.” The lawsuit further claims that “there are more than 100 class members.”
The report, as mentioned by Polygon, A bug detected by Fortnite in February was responsible for exposing the personal information of millions of users/ players to the hackers who have generated it. The alarm stated,
“By discovering a vulnerability found in some of Epic Games’ sub-domains, an XSS attack was permissible with the user merely needing to click on a link sent to them by the attacker. Once clicked, with no need even for them to enter any login credentials, their Fortnite username and password could immediately be captured by the attacker.”
On the part of Epic Games, the issue was acknowledged and fixed as soon as viable, but the suit holds the company responsible for failing to notify affected users. The lawsuit files that, “Epic Games has not yet directly informed or notified individual Fortnite users that their [personally identifiable information] may be compromised as a result of the breach.”
As mentioned by Polygon, According to the filing, the plaintiff and anyone else affected by the breaches
“have an ongoing interest in ensuring that their [personally identifiable information] is protected from past and future cybersecurity threats.”
Claims to compensate for the loss of private information or leak of it to any other party than the organization with which the info has been shared is hardly recoverable. However, the suasion was undeniable and legit.