December 22, 2023 at 01:18PM
French video game publisher Ubisoft is investigating a potential breach after images of its internal software and developer tools were leaked online. Security research collective VX-Underground shared screenshots suggesting unauthorized access to Ubisoft’s internal services. The threat actor claimed to have accessed various platforms and attempted to steal user data from the Rainbow 6 Siege game. Ubisoft is currently investigating the incident.
Based on the meeting notes provided, it seems that Ubisoft is currently investigating an alleged data security incident after images of the company’s internal software and developer tools were leaked online. The security research collective VX-Underground shared screenshots that appear to be from the company’s internal services, and an unknown threat actor claimed to have breached Ubisoft’s systems on December 20th, with plans to exfiltrate around 900GB of data. The threat actor also claimed to have gained access to various services, including the Ubisoft SharePoint server, Microsoft Teams, Confluence, and MongoDB Atlas panel. However, it is worth noting that MongoDB Atlas recently disclosed a breach, but it does not appear to be related to this incident.
Additionally, the threat actors attempted to steal data related to the Rainbow 6 Siege game but were detected and lost access before they could do so. It’s also mentioned in the notes that Ubisoft experienced previous breaches in 2020 and 2022, indicating a history of security incidents.
If you have any additional questions or need further details about this incident or another attack, please let me know, and I can provide the relevant information based on the available resources.