There was a cybersecurity incident at publisher Ubisoft, in the course of which all employees’ passwords were reset.
There was a cybersecurity incident at publisher Ubisoft.
Games publisher Ubisoft confirmed this week that there was a “cybersecurity incident” at the company. This led to interruptions for systems, services and games. Several Ubisoft users reported problems accessing Ubisoft services last week.
Is LAPSUS$ behind the security incident?
The rumor has it that a hack by the LAPSUS$ extortion group is behind the incident. In the past, the hackers had targeted Nvidia, Samsung and Mercado Libre, among others. However, this assumption was not confirmed by Ubisoft.
“Over the past week, Ubisoft has experienced a cybersecurity incident that has temporarily disrupted some of our games, systems and services,”
explains Ubisoft today in a press release.
“Our IT teams are working with leading external experts to investigate the issue. As a precaution, we have initiated a company-wide password reset.”
the publisher continues.
Incident occurred on March 4, 2022
According to Downdetector, the cybersecurity incident occurred on March 4, 2022. So far, there is no evidence that personal data of players was stolen in the incident. According to Ubisoft, all services and games are now fully usable again.
LAPSUS$ come out as perpetrators via Telegram
The blackmailers themselves provided indications that LAPSUS$ could be behind the hack. The hackers in a Telegram group reacted to the first report of the incident by the IT magazine The Verge with a smiling emoji.
LAPSUS$ has released several gigabytes of data allegedly stolen from Samsung, Nvidia and Mercado Libre in the last few weeks. Unlike ransomware extortionists, who encrypt company data and give out the key in return for paying a ransom, ransomware groups like LAPSUS$ have released the data stolen as part of the hack if their demands are not met. It is still unclear whether the group managed to steal confidential company data from Ubisoft.