Ubisoft confirms ‘cybersecurity incident’, resets employee passwords

game is over

Video game developer Ubisoft has confirmed it has faced a “cybersecurity incident” that has disrupted its games, systems and services.

The announcement comes after multiple Ubisoft users reported problems accessing their Ubisoft service last week.

Data extortion group LAPSUS$, which has so far claimed responsibility for hacking into Samsung, NVIDIA and Mercado Libre, appears to be behind this incident.

Ubisoft launches ‘company-wide password reset’

Video game production giant Ubisoft claims it experienced a cybersecurity incident sometime last week.

“Last week, Ubisoft experienced a cybersecurity incident that caused a temporary outage in some of our games, systems and services,” the company said in a brief press release.

“Our IT teams are working with leading third-party experts to investigate the issue. As a precautionary measure, we have initiated a company-wide password reset.”

Headquartered in Montreuil and studios around the world, the gamemaker has repeatedly produced hit titles including Assassin’s Creed, Far Cry, For Honor, Just Dance, Prince of Persia, Rabbids, Rayman, Tom Clancy’s and Watch Dogs.

On March 4, users on Twitter and Downdetector reported problems accessing some of Ubisoft’s services, which appear to be related to this incident:

Ubisoft down tweetsUbisoft users reported issues last week (Twitter)

At this time, there is no evidence that any players’ personal information came to light during the incident.

The company confirms that all Ubisoft games and services are now functioning normally.

LAPSUS$ group reacts to the revelation

The news from Ubisoft confirming the cybersecurity incident was first reported by The Verge.

Moments later, administrators of what is believed to be the Lapsus$’ Telegram group responded to The Verge’s initial report with a grinning emoji, insinuating that Lapsus$ is behind the hack:

Lapsus$ appears to be claiming responsibilityLapsus$ group appears to claim responsibility on Telegram (BleepingComputer)

Lapsus$ has previously leaked gigabytes of proprietary data purportedly stolen from leading companies as Samsung, NVIDIA and Mercado Libre confirmed this month they had suffered a breach.

Data extortion groups like Lapsus$ breach victims, but unlike encrypting confidential files as a ransomware operator would do, these actors steal and hold victims’ proprietary data, and publish it if their extortion demands are not met.

In 2020, Egregor ransomware had hit game developer Crytek and leaked what they believed to be files stolen from Ubisoft’s network. Although Ubisoft did not confirm the authenticity of the claim at the time.

In this case, however, it appears that Lapsus$ or another threat actor was unable to get their hands on Ubisoft’s proprietary data, and the investigation continues.

This post Ubisoft confirms ‘cybersecurity incident’, resets employee passwords

was original published at “https://www.bleepingcomputer.com/news/security/ubisoft-confirms-cyber-security-incident-resets-staff-passwords/”