Fortnite fanatics might have subjected to a costly security breach as it has been reported that hackers broke into accounts to make in-game purchases and eavesdrop on chats.

Although first reported this month, the cybersecurity firm Check Point Software Technologies said they initially became aware of this hack in Nov. 2018. The company says that victims were exposed to this attack by clicking on a fabricated phishing link that appeared to be coming from Fortnite’s parent company Epic Games. Upon identifying the issue Check Point Software Technologies alerted Epic Games and the hole was fixed and secured this month.

The immensely popular online game has been the victim of hacks in the past due to Fortnite’s simple login process, web infrastructure, and token authentication process. However, this loop was not password related. It was discovered that hackers were able to gain access through flaws found in two of Epic Games’ sub-domains.

A spokesperson for Epic Games insists that the company is working towards securing their system while urging consumers to practice secure gaming methods.

“We were made aware of the vulnerabilities and they were soon addressed,” the spokesperson stated. “We thank Check Point for bringing this to our attention. As always, we encourage players to protect their accounts by not re-using passwords and using strong passwords, and not sharing account information with others.”