In the wake of a devastating ransomware attack on Insomniac Games, Ubisoft, another titan in the gaming industry, has narrowly averted a similar fate. The company recently faced a cybersecurity threat when an unauthorized individual gained access to its systems for a period of 48 hours. This incident, which comes close on the heels of the Insomniac Games breach, has raised concerns about the increasing vulnerability of gaming companies to cyber attacks.
Initial reports of the breach, first disclosed by Bleeping Computer and further amplified by vx-underground’s Twitter post, suggested that the intruder attempted to exfiltrate a staggering 900 GB of data from Ubisoft’s systems. The timing of this attempted hack on December 20th, not long after the Insomniac incident, raises questions about whether this was an isolated act or part of a broader pattern targeting gaming companies.
Ubisoft’s Response and Ongoing Investigation
The Threat Actor would not share how they got initial access. Upon entry they audited the users access rights and spent time thoroughly reviewing Microsoft Teams, Confluence, and SharePoint.
They attempted to exfiltrate R6 Siege user data but were unsuccessful pic.twitter.com/EPRraDl3MT
— vx-underground (@vxunderground) December 22, 2023
Ubisoft quickly responded to the breach, managing to expel the hacker from its systems before any significant data could be stolen. The company acknowledged the security incident and is conducting a thorough investigation to assess the full scope and impact of the attempted hack. As of now, Ubisoft has not shared detailed information about the breach, pending the conclusion of their investigation.
While Ubisoft’s proactive measures allowed them to thwart the data theft, Insomniac Games wasn’t as fortunate. The contrast between the outcomes of these two incidents underscores the varying levels of preparedness and response mechanisms within the gaming industry. Insomniac continues to grapple with the ramifications of their ransomware attack, highlighting the need for heightened cybersecurity measures across the sector.
