Ubisoft begins investigation after possible data leak of internal software and developer tools

Ubisoft , a French game company known for the Assassin's Creed series and the Far Cry series , has announced that it has begun an investigation into the possibility that its internal software and developer tools may have been leaked online.

Ubisoft says it's investigating reports of a new security breach
https://www.bleepingcomputer.com/news/security/ubisoft-says-its-investigating-reports-of-a-new-security-breach/

Ubisoft Probes Potential Data Breach After Alleged Internal Software Leak
https://gamerant.com/ubisoft-data-breach-leak/

Ubisoft reportedly shutdown a 'data security incident' earlier this week | Eurogamer.net
https://www.eurogamer.net/ubisoft-reportedly-shutdown-a-data-security-incident-earlier-this-week

VX-Underground , a security research group that publishes malware source code, pointed out that Ubisoft had suffered a security breach. According to VX-Underground, an unknown threat actor infiltrated Ubisoft's network on December 20, 2023 and stole data. This threat actor apparently succeeded in accessing Ubisoft's network for approximately 48 hours and attempted to extract approximately 900 GB of data. However, it is unclear how much data was actually successfully stolen.

December 20th an unknown Threat Actor compromised Ubisoft. The individual had access for roughly 48 hours until administration realized something was off and access was revoked.

They aimed to exfiltrate roughly 900gb of data but lost access.

— vx-underground (@vxunderground) December 22, 2023

Although the threat actor did not reveal how it gained access to Ubisoft's network, it suggests it was able to gain access to Ubisoft's internal tools and employee chats. . The threat actor also attempted to access Rainbow Six Siege user data, but VX-Underground says that ``this attempt failed.''

The Threat Actor would not share how they got initial access. Upon entry they audited the users access rights and spent time thoroughly reviewing Microsoft Teams, Confluence, and SharePoint.

They attempted to exfiltrate R6 Siege user data but were unsuccessful pic.twitter.com/EPRraDl3MT

— vx-underground (@vxunderground) December 22, 2023

The attackers accessed Ubisoft's SharePoint servers, Microsoft Teams, Confluence, and MongoDB Atlas, and took and shared screenshots. In addition, MongoDB Atlas just suffered a cyber attack in mid-December 2023, but it does not seem to be related to this security breach.

When security media Bleeping Computer contacted Ubisoft, the company said, ``We are aware of a suspected data security incident and are currently investigating. We have nothing further to share at this time.''

Furthermore, in 2020, Ubisoft experienced a security breach in which 560GB of Watch Dogs : Legion source code was leaked due to a cyberattack from the ransomware group Egregor.

Most recently, in December 2023, Insomniac Games, a game studio affiliated with Sony, was attacked by ransomware, and when it refused to pay a ransom of $2 million (approximately 280 million yen), 1.67 TB of data was stolen. It was leaked online.

1.6 terabytes of data including information on games under development from Sony's game studio 'Insomniac Games' leaks, revealing information on games under development such as new Spider-Man games - GIGAZINE