Ubisoft recently experienced a significant security breach where hackers compromised their internal systems. On December 20th, an unknown threat actor gained access to Ubisoft's network and planned to exfiltrate approximately 900GB of data. This incident lasted about 48 hours before Ubisoft's administration detected the breach and revoked the hacker's access.
The attackers audited user access rights and thoroughly reviewed internal tools like Microsoft Teams, Confluence, SharePoint, and MongoDB Atlas. Despite their efforts, it's not clear whether they successfully obtained any sensitive data. Ubisoft was quick to respond to the incident and has since been investigating the matter. They have not shared more detailed information at this time.
This breach was particularly concerning because it targeted a large volume of data, including potentially user data from Ubisoft's popular game Rainbow Six Siege. However, Ubisoft successfully thwarted the attackers before they could do significant damage.
Ubisoft's response to this security incident highlights the ongoing challenges that large companies face in protecting their digital assets and customer data from increasingly sophisticated cyber threats