Breach, Data Security

Big Fish Games notifies customers of payment card breach

Big Fish Games is notifying an undisclosed number of customers that malware was installed on the billing and payment pages of its websites, and it appears to have intercepted customer payment information.

How many victims? Undisclosed. Big Fish Games did not immediately respond to a request for the information.

What type of personal information? Names, addresses and payment card information, including card numbers, expiration dates and CVV2 codes.

What happened? An unknown individual installed malware on the billing and payment pages of Big Fish Games' websites, and the malware appears to have intercepted customer payment information.

What was the response? Steps were taken to remove the malware and prevent it from being reinstalled. The incident has been reported to law enforcement. All impacted individuals are being notified, and offered a free year of identity protection services.

Details: Big Fish Games discovered the incident on Jan. 12. Information may have been affected if new payment details were entered on Big Fish Games' websites – rather than using a previously saved profile – for purchases between Dec. 24, 2014, and Jan. 8.

Source:, “BFG Multistate Notice,” Feb. 13, 2015.

UPDATE: In a Wednesday email correspondence, a Big Fish Games spokesperson told that the company is not providing information beyond what has been released.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.