By Sagar V. Mankar The gaming world is on high alert after recent cyberattacks targeted industry giants. Following Insomniac Games’ devastating ransomware attack, which exposed 1.7 TB of sensitive data, Ubisoft narrowly avoided a significant data breach.
Ubisoft’s Close Call with Hackers
On December 20, Ubisoft, the French gaming giant, encountered a security breach. According to vx-underground, a well-known source for malware-related data, hackers gained access to Ubisoft’s servers for 48 hours. During this time, the attackers attempted to extract 900 GB of data. However, Ubisoft quickly detected the intrusion and revoked access before any significant damage occurred.
“December 20th, an unknown threat actor compromised Ubisoft. The individual had access for roughly 48 hours until administration realized something was off and access was revoked,” tweeted vx-underground.
How Did the Hackers Strike?
The attackers exploited vulnerabilities in Ubisoft’s Microsoft Teams, Confluence, and SharePoint platforms. They also intended to breach the Rainbow Six Siege user base. Thankfully, Ubisoft’s swift response averted a potential disaster. No confidential data was compromised, as confirmed by the company’s statement to BleepingComputer:
“We are aware of an alleged data security incident and are currently investigating. We don’t have more to share at this time.”
Lessons from Insomniac’s Ransomware Attack
Insomniac Games’ recent ransomware attack serves as a grim reminder for the industry. The leaked 1.7 TB of data revealed future projects, contracts, and sensitive documents, causing significant damage to the studio’s plans. This incident has forced developers across the industry to re-evaluate their cybersecurity practices.