Feeds

Free games for all after EA discount code goes viral

SNAFU meant one code worked multiple times, for multiple people

Choosing a cloud hosting partner with confidence

Electronic Arts (EA) has endured a difficult weekend after a poorly-coded promotion saw a discount code that could be used many times find its way into the public domain, where it sparked a free games downloading spree.

The incident seems to have started with this post to a gaming forum, which includes a discount code good for US$20 of software from EA's online store. The code was a reward for participants who completed an online survey. The code was not a one-off. Instead, it could be used multiple times by multiple people.

The code then made it to Reddit, whereupon it spread at a rapid pace.

Redditors now report that it was possible to access at least 44 games. As some cost $19.99, the discount code allowed them to be downloaded for free.

Reports suggest the code was used for around 18 hours before it became invalid. Judging by the hundreds of comments on Reddit, a great many games were downloaded during that time.

In his summary of the incident, Blogger Max Woolf has pointed out that the mess is probably the result of very, very poor client-side validation, as the code could be used multiple times from the same device without the server becoming aware it had been used.

Woolf also posted this screen shot detailing a chat he had with an online support person at EA, in which the EA staffer confirms many of the details of incident.

EA seems not to have commented on the issue, either through its announcements pages or its forums.

Even though the downloads have now stopped, the gaming giant is not out of the woods as the promotion promised the code would be valid until October 21st. Just how the company sorts out this mess is anyone's guess. ®

Providing a secure and efficient Helpdesk

More from The Register

next story
Preview redux: Microsoft ships new Windows 10 build with 7,000 changes
Latest bleeding-edge bits borrow Action Center from Windows Phone
Google opens Inbox – email for people too thick to handle email
Print this article out and give it to someone tech-y if you get stuck
Microsoft promises Windows 10 will mean two-factor auth for all
Sneak peek at security features Redmond's baking into new OS
UNIX greybeards threaten Debian fork over systemd plan
'Veteran Unix Admins' fear desktop emphasis is betraying open source
Entity Framework goes 'code first' as Microsoft pulls visual design tool
Visual Studio database diagramming's out the window
Google+ goes TITSUP. But WHO knew? How long? Anyone ... Hello ...
Wobbly Gmail, Contacts, Calendar on the other hand ...
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
Ubuntu 14.10 tries pulling a Steve Ballmer on cloudy offerings
Oi, Windows, centOS and openSUSE – behave, we're all friends here
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.