Pierluigi Paganini
December 24, 2023
Ubisoft, the popular video game publisher, is examining reports of a potential data breach following the disclosure of evidence by prominent researchers vx-underground.
The researchers reported that on December 20, 2023, an unknown threat actor had access to Ubisoft’s infrastructure for roughly 48 hours. The administrators then locked out the intruders after discovering the attack.
It’s still unclear how attackers breached the company, they attempted to steal R6 Siege user data without success.
The Threat Actor would not share how they got initial access. Upon entry they audited the users access rights and spent time thoroughly reviewing Microsoft Teams, Confluence, and SharePoint.
— vx-underground (@vxunderground) December 22, 2023
They attempted to exfiltrate R6 Siege user data but were unsuccessful pic.twitter.com/EPRraDl3MT
Ubisoft is a prominent multinational video game company that has a strong presence in the gaming industry. It is known for developing, publishing, and distributing a wide range of video games across various platforms, including PC, consoles, and mobile devices. Ubisoft has a strong track record of creating popular franchises, such as Assassin’s Creed, Tom Clancy’s Rainbow Six Siege, Far Cry, Watch Dogs, and many others.
The threat actor claims to have had access to the company Microsoft Teams, Confluence, and SharePoint installs.
The threat actor told vx-underground that they plan to exfiltrate around 900GB of data of data stolen from the gaming company.
On March 2022, Ubisoft suffered another ‘cyber security incident’ that had a severe impact on games, systems, and services. Lapsus$ extortion gang claimed to have breached the company network and exfiltrated internal data.
In October 2020, the Egregor ransomware gang hit the game developer Crytek and leaked files allegedly stolen from Ubisoft.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, data breach)
