Game Company Ubisoft Hacked, User Accounts Compromised
San Francisco-based gaming outfit Ubisoft announced on Tuesday that it had been hacked by an unknown party or parties, and that an undisclosed number of user accounts had been compromised.
“We recently discovered that one of our Web sites was exploited to gain unauthorized access to some of our online systems,” the company wrote in a blog post.
“During this process, we learned that data had been illegally accessed from our account database, including user names, email addresses and encrypted passwords.”
According to the company’s blog post, an employee’s credentials were stolen and used to access the company’s online network in order to gain access. Ubisoft refused to go into further detail, citing security reasons.
As of this morning, users were sent emails asking them to change their password information on their Ubisoft accounts, as well as any other passwords for websites that shared their Ubisoft password.
Ubisoft isn’t giving many exact details on the breach, but notes a few things:
- Uplay, the company’s digital distribution and rights management service (similar to Microsoft’s Xbox Live service) was not compromised, but rather targeted some of Ubisoft’s “online systems.”
- The breach, to Ubisoft’s knowledge, only affects user names, emails and passwords. Since Ubisoft doesn’t store financial info, credit and debit card data were not affected. Ubisoft claims that real names and home address information were also not affected.
Ubisoft created an online forum thread for its customers for any complaints or questions they may have, and a number of unhappy customers have already voiced their concerns.
Ubisoft’s hack is the latest in a number of Internet company security breaches. Earlier this year, Twitter disclosed that it had been the victim of a malware exploitation attack, with data from more than 200,000 user accounts potentially compromised. Shortly thereafter, a veritable laundry list of Web giants admitted that the same thing had happened to them, including Facebook, Microsoft, Apple and others.
And, in the past few years, hackers have targeted a host of major game companies; Sony’s PlayStation Network was hacked multiple times, while Blizzard — the company behind World of Warcraft — was also hacked toward the end of 2012.
Ubisoft is currently working with relevant authorities to remedy the situation, as well as with a number of both internal and external security experts.
“Unfortunately, no company or organization is completely immune to these kinds of criminal attacks,” Ubisoft said.