Ubisoft confirmed a data breach after sustaining a cyberattack. The French video game stated that unknown hackers compromised its IT infrastructure to steal gamers’ personal data. It’s found that threat actors specifically targeted Ubisoft’s popular game series Just Dance.
Ubisoft clarified that a misconfiguration resulted in unauthorized intrusion. The now fixed misconfiguration enabled the attackers to illicitly access and steal gamers’ personal information. The compromised information included technical identifiers like GamerTags, profile IDs, Device IDs, and Just Dance videos recorded and uploaded to be shared publicly with the in-game community and on your social media profiles.
“Our investigation has not shown that any Ubisoft account information has been compromised as a result of this incident. Ensuring the privacy of player data is a top priority for Ubisoft, so with full transparency, we wanted to update the community around this incident. All players impacted by this will receive an email shortly and can follow up with our Support team for more info. We have taken all the proactive measures necessary to secure our infrastructure from future incidents, and we thank you for your understanding,” Ubisoft said.
Gamers’ Data on Dark Web!
Trading stolen users’ information on the dark web has become prevalent. Recently, Kaspersky researchers have discovered an advanced Trojan, called the BloodyStealer, sold on darknet forums and used to harvest gamers’ accounts across widely used gaming platforms such as Steam, Epic Games Store, and EA Origin. The Online Gaming industry has become one of the driving forces behind internet penetration to the most remote locations worldwide. Statista, in its global video game market report, projects the industry revenue from the video game market to surpass 138 billion USD by 2021. Given the might of the market, it is a constant favorite of cyberattacks.