Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Ubisoft Confirms Unauthorized Access to ‘Just Dance’ User Data

French video game company Ubisoft this week confirmed that ‘Just Dance’ user data was compromised in a recent cybersecurity incident.

The data breach was the result of a misconfiguration that has since been corrected, but not before player data was accessed and potentially copied by a third party.

French video game company Ubisoft this week confirmed that ‘Just Dance’ user data was compromised in a recent cybersecurity incident.

The data breach was the result of a misconfiguration that has since been corrected, but not before player data was accessed and potentially copied by a third party.

The incident was limited to the company’s IT infrastructure targeting Just Dance, and the compromised data only included ‘technical identifiers’, according to a disclosure note from Ubisoft.

“The data in question was limited to ‘technical identifiers’ which include GamerTags, profile IDs, and Device IDs as well as Just Dance videos that were recorded and uploaded to be shared publicly with the in-game community and/or on your social media profiles,” the gaming giant said.

Ubisoft claims that its investigation into the incident hasn’t revealed the compromise of Ubisoft account information during the incident.

The company also says it has strengthened its infrastructure to prevent similar incidents in the future. It also started sending out emails to the affected players, to inform them of the incident.

Related: HPE Says Customer Data Compromised in Aruba Data Breach

Related: Panasonic Investigating Data Breach

Related: IBM: Average Cost of Data Breach Exceeds $4.2 Million

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Nation-State

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.