Gaming Leaks 101: The How and Why

Yoda once said, “Patience you must have, my young padawan.” It is safe to say that gamers in the last 20 years have not listened. These days when a highly anticipated game has been announced, those looking to play it will try to consume any leak they can. Gaming leaks can originate from warehouse workers, developers, a disgruntled employee, or even a bystander on a train.

Let’s explore what exactly gaming leaks are, how they occur, and how companies can protect themselves from losing highly classified data.

Leakers vs. data miners

A leaker refers to someone who is close to a product release and discloses classified information to fans. A data leak does not require a cyber-attack and commonly stems from poor data security practices or unintentional action or inaction taken by an individual. Data miners, on the other hand, are typical everyday users of a game who possess the knowledge to crack the developer’s code once a leaker releases the data on the internet.

How does a data leak occur?

There are many ways that a leak can occur. Here are a few key examples:

• Old Security
  • Old security is weak security. It is extremely important to keep systems up-to-date with the latest version of software.
• Human Error
  • Using weak passwords.
  • Falling for phishing scams.
  • Sharing the same password across multiple accounts.
• Malicious Insiders
  • Someone within a business who purposely leaks or shares data with an outside individual or company. This person likely has authorization to access the information but has the intent to use it in perverse ways.
  • Warehouse and retail workers often receive products early to ensure they are on shelves in time for their release date. Workers can leak images and product details.
• Malware
  • Hackers use malware, also known as malicious software, to get inside a system and collect sensitive information.
  • Malware is an umbrella term used for any malicious program or code that is harmful to a system. Users typically install malware on a computer by downloading attachments or files from a risky website.
• Physical Theft of a Device
  • It is important to have unique password protection on all devices in case of loss or theft.
  • When traveling with work devices, it is extremely vital to always keep the devices on your person.

Why are gaming leaks so damaging?

When gaming leaks occur, it is likely that not all the information is correct or complete. Similar to a game of telephone, most leaks come with an uncontrolled message that lacks the full picture. Old builds are deleted while new ones are developed so tricks to get past a final boss, or even the end story line of the game, can change a multitude of times before a product is released. And when outdated or incorrect feature details are released to the public, it can wreak havoc for both gamers and developers alike. It can cause anguish and discontent that is directed towards the developer. And it can ruin the experience for the game’s loyal fans who have been waiting years for the new game to be released. In any manner, the negative consumer experience hurts the company at hand.

How can developers reduce the risk of a leak?

Gaming leaks will always happen. While there is no way to completely stop the inevitable, there are preventative measures that developers can put into place.

Developers can reduce the risk of their hard work being ousted to the public before release by implementing the following:

• Non-Disclosure Agreements (NDA)
  • Language in these agreements often state what information is considered confidential and what information is allowed to be shared with third parties.
  • NDAs can include a Damages provision, which requires the payment of a set amount for any leaks.
• Terms of Service Agreements (ToS)
  • When beta testers are provided pre-release access to test games, they are often required to sign a ToS agreement to ensure they understand and acknowledge the confidentiality requirements.
• End User Licensing Agreements (EULA)
  • A EULA is a legal contract between the developer and the user of the software.
  • This type of agreement specifies in detail the rights and restrictions that apply to the use of the software. If broken, it is punishable by law.

Notable gaming leaks in history

In 2003, German hacker Axel Gembe achieved infamy by stealing the source code of Half-Life 2. Gembe maintains he did not leak the code online but rather sent it to a third party who dumped the code online. After the co-founder (Gabe Newelll) of Valve attempted to track down the leaker, Gembe reached out to Newell telling him what he had done and then proceeded to ask him for a job. Eventually Gembe got an interview, but it turned out to be an FBI sting operation. 

In 2012, someone leaked the game Mass Effect 3 on Xbox Live. Hackers were able to sift through the code and put the game’s script online. This meant consumers saw the whole storyline of the much-anticipated game before the release. 

In the summer of 2021, hackers made off with roughly 800 GB of data from EA’s servers. This included source code for some of the most popular unreleased games like FIFA 21 and Battlefield2042. Hackers attempted to blackmail EA. They sent ransom notes to authorities. And they eventually dumped all acquired data online.

Most recently, an Xbox leak confirmed two new games were in the making after Nvidia had a large list of game names, both released and speculative, leaked online.

New games will always be a hot commodity sought after by avid gamers. Given the process required to launch new games and get them on store shelves in time for release, leaks will always happen. Luckily, there are preventative measures that developers can put into place to minimize the risks associated with gaming leaks and reduce the negative impact on their loyal fan base and their bottom line.