Virtual Event Today: Supply Chain Security Summit - Join Event In-Progress

Security Experts:

Connect with us

Hi, what are you looking for?



Ubisoft Resets Employee Passwords Following Cyberattack

Ubisoft says it has initiated a company-wide password reset operation after learning that it fell victim to a cyberattack.

Ubisoft says it has initiated a company-wide password reset operation after learning that it fell victim to a cyberattack.

In a short cyber incident notification, the French video game company said that the attack – which took place during the week of March 1 – caused some disruptions, but provided no specific details on that.

“Ubisoft experienced a cybersecurity incident that caused temporary disruption to some of our games, systems, and services. Our IT teams are working with leading external experts to investigate the issue,” the company said.

The company also announced that all of its games and services were quickly restored, and that the attack did not result in the personal information of players being compromised.

“As a precautionary measure we initiated a company-wide password reset,” the video game developer said.

While Ubisoft did not share information on the attackers, it appears that the same hacking group that recently claimed responsibility for cyber incidents at NVIDIA, Samsung, and Vodafone might have been involved.

On a Telegram channel supposedly run by the “Lapsus$” extortion group, one of the admins posted a link to a news article on the Ubisoft attack, followed by the smirking face emoji, which may suggest the group is taking responsibility for the breach. 

Ubisoft hacked

In the case of NVIDIA, Samsung and Vodafone, the hackers claimed to have stolen large amounts of source code.

This is the second cyber incident that Ubisoft discloses over the course of three months. In December 2021, the company announced that ‘Just Dance’ user data was compromised due to a misconfiguration in the company’s IT infrastructure.

Related: Credentials of 71,000 NVIDIA Employees Leaked Following Cyberattack

Related: Ubisoft Confirms Unauthorized Access to ‘Just Dance’ User Data

Related: Business Services Firm Morley Discloses Data Breach Affecting 500,000 People

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.