French video game developer Ubisoft has once again fallen victim to a cyberattack. On the morning of December 22, 2023, a security research team shared screenshots allegedly from Ubisoft’s internal services. Ubisoft subsequently acknowledged a suspected data breach incident, confirming that an investigation is currently underway.
An anonymous hacker group revealed that they successfully infiltrated Ubisoft’s systems on December 20th. They reportedly exfiltrated about 900GB of data, gaining access to Ubisoft’s SharePoint server, Microsoft Teams, Confluence, and MongoDB Atlas panels, thereby accessing a wealth of internal information of the company.
December 20th an unknown Threat Actor compromised Ubisoft. The individual had access for roughly 48 hours until administration realized something was off and access was revoked.
They aimed to exfiltrate roughly 900gb of data but lost access.
— vx-underground (@vxunderground) December 22, 2023
However, as the hackers jubilantly prepared to steal user data from “Rainbow Six Siege,” Ubisoft detected the breach and revoked their access. Consequently, it appears that this data breach incident did not involve user data but was primarily confined to corporate information of Ubisoft.
At present, Ubisoft is reluctant to disclose detailed information about this data breach. Several days have elapsed since the incident, which would normally be sufficient time for a preliminary investigation report to emerge.
It’s noteworthy that the hackers’ objective in infiltrating Ubisoft was not merely data leakage but rather extortion. Their primary goal was to use the stolen data to threaten Ubisoft, demanding a ransom. Should Ubisoft refuse to pay, the data would be made public.
Ubisoft has experienced similar cyberattacks in 2020 and 2022, including a breach that resulted in the partial source code of “Watch Dogs” being leaked. However, in those instances, Ubisoft did not acquiesce to the ransom demands.
Source: Original Post