Ubisoft ransomware attack gets thwarted


Ubisoft, the France-based video game publisher, recently announced that its in-house threat monitoring software successfully thwarted a ransomware attack that occurred on December 20th of this year. Despite this security success, the company is actively investigating a potential data breach that coincided with the aforementioned attack. An unidentified hacker group exploited this breach by publishing internal software information on VX-Underground.

Curiously, this data leak occurred concurrently with a security incident at another company, Insomniac, resulting in the unauthorized disclosure of game development details related to the Sony-affiliated company.

Ubisoft, currently engrossed in developing the latest installment of Avatar: Frontiers of Pandora, confirmed that this incident may have exposed over 900GB of information, and the extent of the damage is yet to be fully assessed.

This isn’t the first time Ubisoft has faced cybersecurity challenges. In 2020, the company fell victim to the Egregor Ransomware, leading to the leakage of its source code. Subsequently, in 2021-22, a data leak caused by misconfiguration disrupted games, systems, and services. The repercussions of the recent attack are still unfolding.

Over the past three years, cybercriminals have increasingly exploited the holiday season when many Western companies operate with reduced staff, creating an opportune environment for attacks. Industries such as healthcare, finance, gaming, and manufacturing are prime targets during this period. It has become imperative for companies to establish efficient backup plans to sustain operations during such incidents.

Implementing robust security measures, including encrypting data at rest and in transit, maintaining multiple copies of backed-up data for recovery purposes, and deploying vigilant threat monitoring solutions for IT assets, is crucial in mitigating the impact of such cyber threats.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display