Let’s start with the good news for this one, shall we? There’s no firm evidence about how often Fortnite’s newly fixed login bug was actually exploited, so while all 200 million players the game reports were vulnerable to it, it’s not clear how many people actually subject to that vulnerability. On the side of bad news, though… well, it was a vulnerability for 200 million accounts, that is kind of a big deal.
The vulnerability was discovered by an independent researching firm, Check Point, who noted that there was a way to route some malicious code via a sub-domain of the Fortnite site to give links the appearance of legitimacy. In short, it made it easy to route around proper login procedures and gain access to the account, but the issue should be fixed at this point. We’re hoping that any and all of our readers who were potentially vulnerable were unaffected by this exploit. But also marveling over the fact that WaPo just covered a Fortnite bug.