Ubisoft Hack Forces Staff Password Reset
Table of Contents
- By Steven
- Mar 14, 2022
The video game company Ubisoft has been hacked. The digital attack caused the game-maker to issue a company-wide memo mandating that each employee reset their password. The company admitted to the hack this past Friday.
How Bad was the Hack?
Ubisoft representatives have described the digital attack as a cyber security incident. A Ubisoft spokesperson stated the digital breach led to a temporary disruption to its online gaming services, systems, and internal services, including its all-important game-making development operations.
How Has Ubisoft Responded to the Attack?
Jessica Roache, a spokesperson from Ubisoft, stated the company had launched an investigation into the hack. However, aside from forcing each company employee to reset their password to prevent unauthorized access to systems and information, Ubisoft has not taken other steps in response to the attack. It is worth noting that Ubisoft representatives have stated its online games and services are operating as they should after the hack.
The company’s public relations specialist went out of her way to note that personal information from players was not improperly accessed during the attack. Ubisoft representatives also indicated the company is investigating the hack with the assistance of external experts to determine how it occurred and gauge the extent of the sensitive data improperly accessed and stolen.
Who Carried out the Digital Attack?
LAPSUS$ is taking credit for the Ubisoft attack. This hacking collective also claims responsibility for recent digital breaches at Vodafone, Mercado Libre, NVIDIA, and Samsung. However, it is not guaranteed that LAPSUS$ is responsible for the Ubisoft data breach. Hacking collectives are quick to take credit for digital attacks, even in instances when they had nothing to do with those breaches.
LAPSUS$ hacks are unique in that these hackers extort targeted businesses by taking valuable information from servers and computers, holding it hostage, and threatening the target with a data leak unless the ransom is paid in full and on time. A link to an article detailing the Ubisoft hack and the emoji of a smirking face was posted to a Telegram channel supposedly operated by LAPSUS$ on Friday.
Did the Attack Compromise Player Data?
Ubisoft representatives stated there is no evidence showing gamer information was viewed or stolen during the hack. Ubisoft is not forcing its customers who use the company’s online services to reset their passwords as the data improperly accessed was that of the company as opposed to its gaming customers.
When pressed for additional information relating to the potential exposure of gamers’ personal information, Ubisoft representative Jessica Roache stated that the video game-maker does not have additional information to share with the media or the company’s loyal gamers. Overall, Ubisoft has nearly 120 million active users of its popular online gaming service. If it turns out the personal information of these customers was improperly accessed, stolen, and used for identity theft, the company’s customers may have solid legal footing for a class action lawsuit.