According to recent reports, Ubisoft is investigating a security breach involving an “unknown threat actor” who gained access to their systems for approximately 48 hours before the breach was detected and access was shut down. Screenshots supposedly taken during the December 20 hack have surfaced online, prompting Ubisoft to confirm an ongoing investigation into the reported data security incident.
Ubisoft Fought A New Security Breach: says it’s investigating alleged the attack
On December 20th, an “unknown Threat Actor” allegedly gained access to Ubisoft’s computers and stayed there for almost 48 hours, according to vx-underground on Twitter. During this period, the intruder had access to various systems like SharePoint, Confluence, and Microsoft Teams, among others. Despite this level of access, only a few screenshots have been shared, revealing minimal information.
The Threat Actor reportedly tried to “exfiltrate” almost 900 GB of data but was unable to do so after Ubisoft forced him to exit the networks. It was further stated that Rainbow Six Siege was connected to the data the malevolent operator was attempting to obtain.
Ubisoft stated, “[The hacker] audited users access rights and spent time thoroughly reviewing Microsoft Teams, Confluence, and SharePoint” after breaking into Ubisoft’s internal networks.
It appears that the “threat actor” did not disclose how they obtained initial access. However, before the threat actor could successfully steal user data from Rainbow Six Siege, access was revoked.
In response to the incident, Ubisoft provided a statement to BleepingComputer, acknowledging the alleged data security issue and confirming an ongoing investigation but refrained from sharing further details at that time.
The exact nature of the obtained content remains unknown, although vx-underground suggests that the attempt was not fruitful.
In the past, Ubisoft faced breaches in 2020 by the Egregor ransomware gang, resulting in the release of parts of the Watch Dogs game’s source code. In 2022, the company experienced another breach that disrupted its gaming systems and services. Now, the most recent case is of Insomniac Games which fell victim to a severe ransomware attack, resulting in the leak of over a terabyte of data, including a playable build of Wolverine.
Hence, it makes sense that other developers are stepping up their cybersecurity initiatives to safeguard their upcoming projects and prevent sensitive information from circulating online.
For constant updates, keep following Gamevro.
