Gaming giant does not disclose a hack: password refresh is encouraged

Ubisoft confirms a cyber security incident but does not call it a hack

Ubisoft creates precautionary measures to avoid issuesThe company discloses the incident but does not confirm any losses or data access. Lapsus$ group possibly to blame

The gaming giant reveals that the cyber security incident forced the company to refresh passwords company-wide. The incident caused the disruption to games, systems, services. It was announced after the disruption and when many users had reported issues accessing their Ubisoft service.[1] The data extortion group LAPSUS$ can be claimed for the incident.[2]

The official statement and overall reaction from the company is to deny the data theft or exposure entirely. However, Ubisoft initiated the password reset for employees throughout the company systems. The IT experts should work on the investigation and the analysis of the security issue. The password reset is a precautionary measure, according to the official statements.

Last week, Ubisoft experienced a cyber security incident that caused temporary disruption to some of our games, systems, and services.

The company, with its headquarters in Montreuil, France, has studios around the world. Ubisoft is a giant company known for Assassin's Creek, Far Cry, Just Dance, Watch Dogs, Rabbids, and other creations. According to the users, online these service access issues started back on March 4th.[3]

No evidence of the personal information exposure

The company took precautionary measures to avoid issues and damage, no further security measures or changes have been made public. Ubisoft remains tight-lipped and does not determine if this incident was a hack and what systems or features got affected. The company also states that services and games now are working properly, reporting that no evidence of data access was found.

No personal user data got accessed or exposed as a by-product of this accident that company refuses to call a hack. This incident occurred after a huge wave of similar high-profile hacks that took place in February, and some of them came out into the media headlines at the beginning of March. The LAPSUS$ hacker group claimed responsibility to NVIDIA,[4] Mercado Libre, Samsung hacking campaigns so far. It is possible that these attackers are involved with Ubisoft too.

Threat actor group insinuates the responsibility for the hack

After the first news reports about the incident, the Lapsus$ hacker group reacted to the reports in their Telegram group. The smirk emoji could be a sign that these hackers are behind the particular hack too. Further responses on the same group confirmed that these criminals do not target information of customers with Ubisoft. The same group has publicly claimed to be responsible for big hacks here huge chunks of data get stolen. After the incident with Nvidia, hackers stole 1 TB of data, and hashed employee credentials got leaked online.[5]

Such data extortion groups breach the systems, but instead of releasing additional threats like file-encrypting ransomware, hackers rely on data access and capture methods. Criminals steal data and hold on to the information. The extortion demands are still here, but actors threaten to publish the information if the demanded sum is not transferred.

However, in this case, despite the hacker group behind the attack, criminals did not succeed in obtaining of such valuable information. It seems that whoever tried to hack Ubisoft's systems failed to get proprietary data, but the investigation is still ongoing and can reveal additional details.

About the author
Gabriel E. Hall
Gabriel E. Hall - Passionate web researcher

Gabriel E. Hall is a passionate malware researcher who has been working for 2-spyware for almost a decade.

Contact Gabriel E. Hall
About the company Esolutions