Ubisoft has confirmed a recent “cybersecurity incident”, but insists it did not result in the theft or exposure of user data.
The video game giant, headquartered in Montreuil, France, said on March 10 that the incident took place earlier this month and resulted in “a temporary disruption to some of our games, systems and services”.
Ubisoft’s IT team is currently working with cybersecurity experts to analyze the situation, and has decided to launch a company-wide password reset for now. However, no other security measures or changes have been made public.
Separately, the company claims that the games and services are now working properly and that there is no evidence, at this time, that “players’ personal information was accessed or exposed as a result of this incident.”
As reported by The Verge, cybercriminal group LAPSUS$ claimed responsibility for the computer attack.
LAPSUS$ previously claimed responsibility for the February Nvidia hack, in which the group claimed to have stolen around 1TB of data. Nvidia employee IDs leaked in hash form.
“We are aware that the malicious actor took employee passwords and certain Nvidia proprietary information from our systems and began leaking them online,” Nvidia responded, as the incident became public. . “Our team is working on analyzing this information. All employees have been asked to change their passwords.”
In December 2021, Ubisoft stated that a cyberattack had been launched against the Just Dance game’s IT infrastructure. This incident was caused by a “misconfiguration” which has since been resolved.
Source: “ZDNet.com”