EA Account Repeatedly Compromised Despite 2FA and Strong Password

Hi everyone,

First, I apologise if this is posted in the wrong forum section. I could not find a dedicated section for account security or account compromise issues.

I actually asked EA Support during a Live Chat where this should be raised, and after discussing the issue with them, I was advised to create a forum post so that it could be reviewed further. If there is a more appropriate section for this topic, please feel free to move it.

The Problem

Over the past several weeks, someone has repeatedly gained access to my EA account despite the following:

• Randomly-generated password comprised of uppsercase, lowercase, numbers, and special characters, stored in a password manager
• EA Login Verification (2FA) enabled
• Secure email accounts with their own protections (MFA and changed passwords) enabled
• Fresh Windows installation
• Antivirus scans completed
• No evidence of compromise on linked accounts or devices

The issue keeps recurring. I receive emails containing login verification codes that I did not request, and shortly afterward my EA account password is changed without my authorization.

The concerning part is that whoever is accessing the account appears to be bypassing the normal authentication process entirely. If 2FA is functioning correctly, I should be required to approve any login attempts.

Previous Support Cases

I have contacted EA Support multiple times regarding this issue.
In a previous case, support advised that my account had been secured and indicated that if the issue occurred again, changes to both email addresses associated with the account could be made to further secure it.

Unfortunately, the unauthorized access happened again.

Latest Support Interaction

During my most recent support session:

• Support reviewed my account and stated it appeared secure.
• I explained that unauthorized password changes had occurred again on the same day.
• Support sent me a password reset link and had me reset my password.
• Support temporarily disabled and re-secured the account.
• Support assisted me to change the secondary recovery email attached to the account.
• Support advised me to verify linked platform accounts and continue monitoring the situation.

However, when I requested that the primary email address also be changed, I was told this could not be done and that I would need to wait 30 days.
This is frustrating because the primary concern is that the account continues to be accessed by someone else despite repeated security measures.

Has anyone experienced repeated unauthorized access to their EA account despite using strong passwords and 2FA?

Is there any known method by which an attacker could continue accessing an EA account without triggering normal authentication requirements?

Are there additional security checks I should perform beyond changing passwords, securing email accounts, checking linked platforms, and reinstalling Windows?

Is there a way to have this issue escalated to a specialist security team rather than repeatedly resetting the password?

At this point, I feel like I'm stuck in an endless cycle of:

• Unauthorized access
• Password reset
• Support saying the account is secured
• Unauthorized access happening again

Any advice or assistance would be greatly appreciated.

Thank you.