Posted on mongodb google news. Visit mongodb google news

An open-source community which is popular amongst threat researchers, VX-Underground has revealed that hackers have tried to steal 900GB of Ubisoft’s data. The community shared a post on its official X account to reveal that the game maker’s internal services were compromised in this data breach.
According to a report by Engadget, hackers also attempted to steal the user data of the popular online tactical shooter video game Rainbow Six Siege.The report claims that Ubisoft spotted the breach 48 hours later and was able to revoke the hackers’ access before they were able to exfiltrate the data.
In a statement to BleepingComputer, Ubisoft said, “We are aware of an alleged data security incident and are currently investigating. We don’t have more to share at this time.”
How hackers targeted Ubisoft
VX-Underground posted retrieved screenshots which were shared by the attacker. These screenshots allegedly showed that they accessed Ubisoft’s internal software and developer tools like the company’s Microsoft Teams conversations, SharePoint server, Confluence and MongoDB Atlas.
In a post on X, VX-Underground wrote: “The threat actor would not share how they got initial access. Upon entry they audited the users’ access rights and spent time thoroughly reviewing Microsoft Teams, Confluence, and SharePoint.”

However, the report didn’t specify if hackers were able to get any sensitive information before Ubisoft shut the whole thing down.
Earlier this month, MongoDB Atlas also disclosed a breach. However, based on the company’s disclosure, it does not appear that these two incidents are related.
Ubiosoft’s previous data breaches
Ubisoft is a France-based video game publisher which is known for popular titles like — Assassin’s Creed, FarCry, Tom Clancy‘s Rainbow Six Siege, and the latest Avatar: Frontiers of Pandora.
In 2020, Ubisoft was breached by the Egregor ransomware gang. This group was successful in stealing and releasing portions of the company’s Watch Dogs title’s source code. In 2022, the company suffered a second breach that disrupted its games, systems and services.

Article originally posted on mongodb google news. Visit mongodb google news