Video game companies appear to be the new goldmine for hackers. Last year, Rockstar Games took a hit that spewed an hour-long development video of GTA 6. Last week Insomniac Games had an ugly experience of cyberattack. On Friday, December 22, it was alleged that Ubisoft fought off attackers that infiltrated its network.
The news was shared on X by VX-Underground, a channel that claims to be the largest collection of malware source code on the Internet. According to the source, the hackers infiltrated Ubisoft for about 48 hours, although their efforts ended unsuccessfully.
“December 20th an unknown Threat Actor compromised Ubisoft,” VX-Underground wrote on X. “The individual had access for roughly 48 hours until administration realized something was off and access was revoked.
ALSO READ: Tencent And NetEase Lost Nearly $80 Billion To China’s New In-Game Spending Regulation
“The Threat Actor would not share how they got initial access. Upon entry, they audited the users access rights and spent time thoroughly reviewing Microsoft Teams, Confluence, and SharePoint. They attempted to exfiltrate Rainbow Six Siege user data but were unsuccessful.”
Although having gained administrative access, the hacker was unable to cause any serious harm. All that came out of the effort were screenshots (some of which were redacted) that revealed nothing.
The unsuccessful attempt by the Ubisoft hackers is great news and should be seen as a victory for the video game industry which has suffered severe hacks in recent years. While we don’t know if the attackers obtained any other information before they were kicked out, VX-Underground appears to be certain that the attack was unsuccessful.
Attackers usually ransom data illegally obtained from their illicit act. Once the video game company refuses to pay, they leak the same to the public. It is satisfying to know that Ubisoft’s cyber security team was quick to detect and get rid of the “Threat Actor” before any major harm was done.
ALSO READ: 13 Must-Have Video Game Accessories That Will Transform How You Play
“We are aware of an alleged data security incident and are currently investigating,” Ubisoft reportedly said in a statement to BleepingComputer. “We don’t have more to share at this time.”
At the time of writing this post, Ubisoft had yet to make a public statement about the incident on their social media platforms. The recent incident has raised the question on the need for video game companies to invest more in their security infrastructure.
It’s not the first time that Ubisoft has been infiltrated
While the recent attempt that appears to be targeted at obtaining information about Rainbow 6 Siege may not have succeeded, previous attacks on Ubisoft have had severe consequences. In 2020, Ubisoft was hacked by the Egregor ransomware group which leaked some parts of the Watch Dogs game’s source code.
In March 2022, Ubisoft suffered another data breach which was believed to be from the Lapsus$ group. The incident temporarily disrupted games, services, and systems and forced the company to reset its entire passwords.
ALSO READ: 7 Biggest Video Game Flops Of 2023 That Left Gamers Feeling Scammed
“Our IT teams are working with leading external experts to investigate the issue,” Ubisoft said in a statement after the attack. “As a precautionary measure, we initiated a company-wide password reset. Also, we can confirm that all our games and services are functioning normally and that all this time there is no evidence any player’s personal information was accessed or exposed as a by-product of this incident.”
The failure of the recent attack on Ubisoft may suggest that the company has learned from its previous attacks and upgraded its cyber security infrastructure such that even though the “Threat Actor” gained access to its systems no harm seems to have been done.
While bad actors will continue to try, successes like the one recently recorded by Ubisoft is a heartwarming news that shows hackers are not invincible.
