In the previous week, Ubisoft experienced a cybersecurity incident that disrupted their systems, services, and games, as reported by company officials. This news broke out when several users of Ubisoft reported issues while accessing one or the other services of Ubisoft. LAPSUS$, a data extortion group, was allegedly behind this attack. This group has also claimed responsibility for hacking Mercado Libre, Samsung, and NVIDIA.
Join our weekly newsletter and get the latest cybersecurity updates delivered directly to your inbox
Ubisoft is renowned for its production of games such as Watch Dogs, Rabbids, Assassin’s Creed, For Honor, Far Cry, Prince of Persia, Just Dance, Tom Clancy’s, and Rayman. The headquarters of Ubisoft is in Montreuil, while studios are in multiple locations around the world.
What Happened Exactly at Ubisoft?
The issue of the cybersecurity incident came to light when Downdetector and Twitter reported issues while accessing some services from Ubisoft. The news of the incident was first reported by The Verge. In response to the article published by Verge, the telegram group of Lapsus$ reacted with a smirking emoji, giving hints about being the attacker.
However, the company notified that no exposure of personal information or any data leak took place. Along with that, no information about the players was exposed during the incident. This incident occurred amidst a series of high-profile attacks.
Previously, Lapsus$ exposed a huge amount of confidential and proprietary data, which they stole from Mercado Libre, NVIDIA, and Samsung. NVIDIA reported being hacked on March 1st, in which threat actors leaked employee credentials. Similarly, Samsung broke the news on March 7th about their data breach, where attackers stole source code for Galaxy devices and internal company data.
How Did Ubisoft Respond to This Attack?
To resolve this incident, Ubisoft initiated a company-wide password reset. The objective of this step was to contain the incident so that they could block access for cybercriminals.
Awareness Inculcates a Proactive Approach to Cyber Defense
Cybersecurity awareness has become a dire need for organizations to prevent cyber attacks. Many organizations are employing tools and services to train their employees so that they can defend themselves against cyber attacks. Cybersecurity awareness training for employees inculcates a proactive approach to dealing with cyber threats and risks.