Security Experts:

Ubisoft Resets Employee Passwords Following Cyberattack

Ubisoft says it has initiated a company-wide password reset operation after learning that it fell victim to a cyberattack.

In a short cyber incident notification, the French video game company said that the attack – which took place during the week of March 1 – caused some disruptions, but provided no specific details on that.

“Ubisoft experienced a cybersecurity incident that caused temporary disruption to some of our games, systems, and services. Our IT teams are working with leading external experts to investigate the issue,” the company said.

The company also announced that all of its games and services were quickly restored, and that the attack did not result in the personal information of players being compromised.

“As a precautionary measure we initiated a company-wide password reset,” the video game developer said.

While Ubisoft did not share information on the attackers, it appears that the same hacking group that recently claimed responsibility for cyber incidents at NVIDIA, Samsung, and Vodafone might have been involved.

On a Telegram channel supposedly run by the “Lapsus$” extortion group, one of the admins posted a link to a news article on the Ubisoft attack, followed by the smirking face emoji, which may suggest the group is taking responsibility for the breach. 

Ubisoft hacked

In the case of NVIDIA, Samsung and Vodafone, the hackers claimed to have stolen large amounts of source code.

This is the second cyber incident that Ubisoft discloses over the course of three months. In December 2021, the company announced that 'Just Dance' user data was compromised due to a misconfiguration in the company’s IT infrastructure.

Related: Credentials of 71,000 NVIDIA Employees Leaked Following Cyberattack

Related: Ubisoft Confirms Unauthorized Access to 'Just Dance' User Data

Related: Business Services Firm Morley Discloses Data Breach Affecting 500,000 People

view counter