Cybersecurity NewsNews

Ubisoft Suffered 900GB Data Breach In A Possible Cyberattack

Ubisoft reportedly suffered a cyber breach after leaks of images of the company’s internal gaming software and developer tools were leaked online.

The company is a French game publishing firm known for appreciating video games like Assassin’s Creed, FarCry, Tom Clancy’s Rainbow Six Siege, and the new Avatar: Frontiers of Pandora.

Ubisoft Investigating Plausible Breach

Ubisoft disclosed that they are investigating a plausible data security breach incident after security research collective VX-Underground shared screenshots of what seems to be the firm’s internal data.

According to a report, it says: “We are aware of an alleged data security incident and are presently investigating. We don’t have more to share at this time.

In a tweet, vx-underground says that an unknown hacking operator revealed to them that they breached Ubisoft on December 20th. Once inside the firm’s systems, they said they planned to extract around 900GB of data.

As part of this alleged breach, the threat actors asserted they gained entry to the Ubisoft SharePoint server, Microsoft Teams, Confluence, and MongoDB Atlas panel, sharing screenshots of their access to some of these services.

Comparatively, MongoDB Atlas recently disclosed a data breach, but based on their disclosure details, it does not appear that this occurrence is related.

Moreover, the threat actors told vx-underground that they attempted to pilfer data Rainbow 6 Siege user data but were noticed and lost access before they could properly operate.

However, the screenshots appear to show some of Ubisoft’s internal Microsoft Teams messages, as well as files stowed on its SharePoint and Confluence servers. Meanwhile, there are references to games we already know about, there’s nothing new to be gleaned from these leaked screenshots, says Ubisoft.

Previously, Ubisoft was breached by the Egregor ransomware gang in 2020, the actors released parts of the Ubisoft Watch Dogs game’s source code. The firm suffered a second breach in 2022 that disrupted its games, systems, and services.

Related Articles

Back to top button