Ubisoft, one of the giants in the gaming world, recently dodged a major cyber bullet. On December 20th, they had a bit of a situation, an unknown hacker got into their system. This wasn’t just a quick in-and-out either; the intruder hung around for a solid 48 hours. But here’s where it gets interesting, they were aiming big, trying to swipe around 900GB of data.
While this hacker was lurking in the shadows, they were pretty busy. They didn’t just take a peek around, they audited user access rights and took a deep dive into Ubisoft’s internal tools like Microsoft Teams, Confluence, and SharePoint. And get this, they even tried to get their hands on Rainbow Six Siege user data. But luck wasn’t on their side, and they couldn’t pull it off.
Now, here’s the cool part about Ubisoft. Their admin team was on the ball. They noticed something fishy going on and acted fast. They cut off the hacker’s access before they could make off with the data. Talk about a close call.
The Threat Actor would not share how they got initial access. Upon entry they audited the users access rights and spent time thoroughly reviewing Microsoft Teams, Confluence, and SharePoint.
They attempted to exfiltrate R6 Siege user data but were unsuccessful pic.twitter.com/EPRraDl3MT
— vx-underground (@vxunderground) December 22, 2023
This whole episode puts a spotlight on the importance of being alert in the cyber world, especially after what happened with Insomniac Games and their ‘Mega hack’ ordeal. Ubisoft’s quick thinking and action not only saved a massive chunk of data but also showed how crucial it is to have tight security measures in place.
And for those wondering where this info comes from, it’s straight from vx-underground, a reliable source in the world of cyber security.
