Fortnite bugs put accounts at risk of takeover
The flaws, if exploited, would have stolen the account access token set on the gamer's device once they entered their password. Once stolen, that token could be used to impersonate the gamer and log in as if they were the account holder, without needing their password. The researchers say that the flaw lies in how Epic Games, the maker of Fortnite, handles login requests.