This afternoon there’s been a false alarm announcement by a supposed hacker group suggesting they’d breached Origin, lifting thousands of emails and passwords. In fact the emails included in a leak come up in Google searches as far back as several years ago, meaning the list was likely harvested from several already-public lists. EA suggests that “there is no truth” to the idea that there was a hack and that “it was an artificially generated list that has nothing to do with Origin.”
Of special importance is the fact that this list was posted to PasteBin with a link to a separate file download. While the file has been downloaded by some intrepid investigators already, we’d recommend staying as far away as possible. If the creators of the list did indeed intend for it to go public as quick as possible, they’d have pushed the entire text to PasteBin itself.
Instead of freaking out and changing your password as fast as possible, we recommend checking your email for any suspicious communications. It’s far more likely that the creators of this hoax are aiming to attack users with a second stage than it is that they’ve gotten your password in the first place.
Watch for emails that suggest you change your password, only to lead you to a website that’s nor Origin’s own. This will be a phishing attack, and one you’re not going to want to fall into.