A web server belonging to the games company Electronic Arts has been hacked and is now hosting a phishing website, according to an internet security firm.

The website that has been put in place by hackers asks users to enter their Apple IDs - the credentials needed to access services like Apple's iTunes.

A second screen then asks users to enter further personal information, including credit card details.

EA said it was investigating the problem.

Paul Mutton, from Netcraft, the internet security company that uncovered the hack, said in a blog that it was likely a vulnerability in an online calendar application hosted on the web server had been exploited by the attackers.

The calendar based on the web server was an old version of software that had since been updated, he said.

"The mere presence of old software can often provide sufficient incentive for a hacker to target one system over another, and to spend more time looking for additional vulnerabilities," he wrote.

Once a user has entered their Apple ID and password on the fake website they are then asked to verify their name, date of birth, phone number and credit card details among other information.

Users were then directed to the legitimate Apple ID website, said Mr Mutton.

BBC News