Gaming players are not celebrating, despite a period that is conducive to festivities and video game sales. In the week before Christmas, the Insomniac Games studio (Sony group) was targeted by ransomware.
Result: sensitive data compromised and partly revealed on the Internet, particularly regarding its next star titles. The French Ubisoft seems for the moment to have escaped such a scenario.
Investigation underway, but alleged theft prevented
“We are aware of a suspected data security incident and are currently investigating,” comments a spokesperson for the publisher. The intrusion was detected on December 26.
According to Vx-underground, the hackers had targeted the company’s servers, from which they attempted to massively extract data. Nearly 900 GB of data were targeted.
However, the attack would have been detected in time by Ubisoft’s security teams, who would have been able to close the breach. The video game publisher must, however, continue its investigations and confirm whether or not data could have been stolen before the counter-offensive.
Insomniac Game refuses to pay the ransom
As for Insomniac Game, the results no longer need to be demonstrated. Victim of ransomware, the Japanese studio refused to pay a ransom in exchange for its data. It was this refusal that triggered a disclosure of sensitive information.
“We know that the stolen data includes personal information belonging to our employees, former employees and independent contractors. It also includes early details of the development of Wolverine for the PlayStation 5,” the company responded.
AFP points out that the gaming industry is the victim of choice for pirates. Several major players have already been affected in 2023, like Rockstar Games in September. The creator of the star Grand Theft Auto license saw videos from the latest opus of his franchise being published on the Internet.
Frequently targeted game publishers
In 2021, after Capcom and Ubisoft, it was the turn of the CD Projekt Red studio to suffer a cyberattack, ransomware. At the origin of popular games like Cyberpunk 2077 and The Witcher series, the publisher declared that it refused any negotiations with the attackers.
“We will not give in to pressure or negotiate with the attacker, knowing that this could potentially lead to the disclosure of compromised data,” assured the company.
CD Projekt Red was then the fourth major game studio to fall victim to a ransom attack in the past 12 months, following the cyberattacks on Ubisoft and Crytek by the Egregor gang, and the attack on Capcom by the gang Ragnar Locker.