According to sources, an unknown threat actor accessed Ubisoft’s internal tools on December 20th, allegedly aiming to obtain 900GB of data. After entering the French game publisher’s internal systems, the hacker reviewed users’ access rights and Microsoft Teams, Confluence, and SharePoint. However, Ubisoft managed to revoke access after 48 hours.
Ubisoft, famous games like Assassin’s Creed and Avatar: Frontiers of Pandora, is investigating the breach to determine how the “unknown threat actor” allegedly gained access to the company’s Microsoft Teams, Confluence, Atlas, and SharePoint channels and maintained access for 48 hours before Ubisoft revoked access.
It’s worth noting that the latest cybersecurity incident at Ubisoft occurred just a year after the company was compelled to issue a password reset due to a cyber attack linked to Lapsus$.
The online malware repository VX-Underground posted about the incident on its X (Twitter) page, explaining that the attackers “aimed” to obtain 900 GB of Ubisoft’s data.
“December 20th an unknown Threat Actor compromised Ubisoft. The individual had access for roughly 48 hours until the administration realized something was off and access was revoked. They aimed to exfiltrate roughly 900 GB of data but lost access.”
The researchers also shared screenshots of Ubisoft’s internal services. Whether the hacker(s) could obtain any data before Ubisoft revoked access or not is still unclear. However, it is suspected that the attackers wanted to obtain Rainbow Six: Siege user data but failed. The company claims to be “aware” of the security incident but hasn’t shared any additional information as yet.
This is the second data breach targeting a major video game company this month. Earlier in December, Ratchet & Clank and Spider-Man developer Insomniac Games got sensitive employee data/information regarding unreleased video games stolen in a massive hacking incident.
The hacker published detailed plans of Insomniac for the next decade, including unannounced projects, production details, art assets, and employee information. Ransomware group Rhysida took responsibility for the hack and demanded 50 bitcoins to prevent the data from being published publicly.
In Ubisoft’s case, so far, there’s no indication that anything of the sort was accessed or leaked. Nevertheless, the resurgence of the trend to target gaming giants is not surprising, as hackers are known to ruin Christmas and holidays for gamers.