26 December 2023

Video game giant Ubisoft probing possible data breach


Video game giant Ubisoft probing possible data breach

French video game publisher Ubisoft Entertainment is investigating a possible security incident after reports emerged that a threat actor compromised the company on December 20, 2023, and tried to steal nearly 900 GB of data.

According to the malware-sharing community VX-Underground, the attackers had access to Ubisoft’s network for around 48 hours before the intrusion was detected and access blocked.

“They aimed to exfiltrate roughly 900gb of data but lost access,” VX-Underground said in a post on X (formerly Twitter).

It’s unclear how the threat actor managed to breach the company’s systems.

“Upon entry they audited the users access rights and spent time thoroughly reviewing Microsoft Teams, Confluence, and SharePoint. They attempted to exfiltrate R6 Siege user data but were unsuccessful,” according to the post.

It also appears that the hackers gained access to the Ubisoft MongoDB Atlas panel. Last week, MongoDB reported a security incident where a threat actor accessed some of its systems containing customer data.

A Ubisoft spokesman said the company is aware of the claims and is investigating the alleged data breach.

In March 2022, Ubisoft suffered a Lapsus$ attack that disrupted some of the company’s games, systems, and services. Speaking of Lapsus$, last week Arion Kurtaj, an 18-year-old hacker associated with the Lapsus$ extortion group, was sentenced to an indefinite hospital order. Another Lapsus$ member was sentenced to an 18-month-long Youth Rehabilitation Order, including intense supervision and a ban on using VPNs online.


Back to the list

Latest Posts

AIRASHI DDoS botnet exploits a zero-day vulnerability in cnPilot routers

AIRASHI DDoS botnet exploits a zero-day vulnerability in cnPilot routers

The attacks have been active since June 2024.
23 January 2025
SonicWall SMA zero-day exploited in attacks

SonicWall SMA zero-day exploited in attacks

SonicWall has released a patch in version 12.4.3-02854 and higher versions to address the issue.
23 January 2025
China-aligned PlushDaemon APT linked to 2023 VPN supply chain attack

China-aligned PlushDaemon APT linked to 2023 VPN supply chain attack

The attackers replaced a legitimate installer with a malicious version that planted the SlowStepper backdoor on the system.
22 January 2025