Video game giant Ubisoft has confirmed cyberattack on its IT infrastructure targeting popular gaming Just dance.
The incident “is the result of a bad configuration which, once identified, was quickly corrected, but which allowed unauthorized persons to access certain personal data of the players and possibly copy them”, explains the company.
Ubisoft did not give more details on the number of people affected by the incident.
A limited data breach
“The data in question was limited to ‘technical identifiers’, including GamerTags, profile identifiers and device identifiers, as well as videos Just dance which have been recorded and downloaded to be shared publicly with the game community and / or on your social network profiles ”, specifies the team of Just dance in a note on the Ubisoft forum. “Our investigation does not show that Ubisoft account information was compromised as a result of this incident. “
Anyone affected by this breach will receive an email from Ubisoft and more information through the company’s support team.
Ubisoft urges gamers to enable two-factor authentication and reset any password.
The problems follow one another for Ubisoft
Ubisoft adds that it has taken “all the necessary proactive measures” to secure its infrastructure against future cyber attacks.
Still, the flaw poses real questions about the security of its infrastructure. According to the Axios media outlet, the video game publisher has faced a wave of departures over the past 18 months due to low salaries, organizational dysfunctions and a series of scandals. A developer who recently left the company said that a colleague had contacted him to ask for help fixing a game, because no one in the company anymore knew what to do.
Ubisoft employees call this episode “the great exodus”. They explain that the loss of talent affects their ability to produce games. Several hundred current and former employees signed an open letter earlier this year, criticizing Ubisoft for not doing enough to fix problems within the company.
In October 2020, the Egregor ransomware gang claimed to have entered Ubisoft’s network and stole data, disclosing around 20MB on its leak site. The video game publisher has never commented on this breach. The company was also attacked in 2013. According to the BBC, the accounts of 58 million people had been consulted. In addition, Ubisoft has sold millions of copies of Just dance since its launch in 2009.
Source: ZDNet.com