Video game publisher Ubisoft has successfully thwarted a major cyberattack over the weekend, preventing hackers from stealing approximately 900GB of critical data.
The attempted breach, which targeted data from the popular game Rainbow Six Siege among other assets, was stopped in its tracks before any serious data could be compromised, according to Ubisoft.
The hackers had about 48 hours to explore Ubisoft's systems, media reports suggested. However, their access was revoked by the company as soon as the breach was discovered, halting data extraction efforts.
The incident came to light after the security research group Vx Underground shared screenshots indicating unauthorized access to Ubisoft's internal services.
The Threat Actor would not share how they got initial access. Upon entry they audited the users access rights and spent time thoroughly reviewing Microsoft Teams, Confluence, and SharePoint.— vx-underground (@vxunderground) December 22, 2023
They attempted to exfiltrate R6 Siege user data but were unsuccessful pic.twitter.com/EPRraDl3MT
The screenshots revealed that the hackers had managed to infiltrate the Ubisoft SharePoint server, Microsoft Teams conversations and databases including Confluence and Mongo DB Atlas.
Ubisoft, known for blockbuster titles like Assassin's Creed, Far Cry and Tom Clancy's Rainbow Six Siege, confirmed it's investigating the incident.
This isn't the first time Ubisoft has faced cybersecurity challenges.
The company previously fell victim to the Egregor ransomware gang in 2020, leading to the partial release of the Watch Dogs game's source code.
Another similar breach in 2022 disrupted various games, systems and services of the company.