French video game publisher Ubisoft Entertainment is investigating a possible security incident after reports emerged that a threat actor compromised the company on December 20, 2023, and tried to steal nearly 900 GB of data.
According to the malware-sharing community VX-Underground, the attackers had access to Ubisoft’s network for around 48 hours before the intrusion was detected and access blocked.
“They aimed to exfiltrate roughly 900gb of data but lost access,” VX-Underground said in a post on X (formerly Twitter).
It’s unclear how the threat actor managed to breach the company’s systems.
“Upon entry they audited the users access rights and spent time thoroughly reviewing Microsoft Teams, Confluence, and SharePoint. They attempted to exfiltrate R6 Siege user data but were unsuccessful,” according to the post.
It also appears that the hackers gained access to the Ubisoft MongoDB Atlas panel. Last week, MongoDB reported a security incident where a threat actor accessed some of its systems containing customer data.
A Ubisoft spokesman said the company is aware of the claims and is investigating the alleged data breach.
In March 2022, Ubisoft suffered a Lapsus$ attack that disrupted some of the company’s games, systems, and services. Speaking of Lapsus$, last week Arion Kurtaj, an 18-year-old hacker associated with the Lapsus$ extortion group, was sentenced to an indefinite hospital order. Another Lapsus$ member was sentenced to an 18-month-long Youth Rehabilitation Order, including intense supervision and a ban on using VPNs online.