Ubisoft reveals 'security incident' forcing company-wide password refresh

Ubisoft has confirmed a recent “cybersecurity incident” but insists it has not led to user data theft or exposure. 

The gaming giant, headquartered in Montreuil, France, said on March 10 that the incident took place earlier this month, causing “temporary disruption to some of our games, systems, and services.”

Ubisoft’s IT team is currently working with cybersecurity experts to investigate the situation and, as of now, has decided to initiate a company-wide password reset. However, no further security measures or changes have been made public.  

Furthermore, the company says that games and services are now working properly, and there is no evidence, at present, of “any player personal information [being] accessed or exposed as a by-product of this incident.”

As reported by The Verge, the LAPSUS$ ransomware gang may be responsible and has reportedly taken credit. 

LAPSUS$ previously claimed responsibility for February’s Nvidia hack, in which the group claimed to have stolen approximately 1TB in data. Hashed Nvidia employee credentials were leaked. 

“We are aware that the threat actor took employee passwords and some Nvidia proprietary information from our systems and has begun leaking it online,” the vendor responded at the time the incident was made public. “Our team is working

Read More: https://www.zdnet.com/article/ubisoft-reveals-security-incident-forcing-company-wide-password-refresh/#ftag=RSSbaffb68