French game maker Ubisoft has admitted that hackers have breached its networks, gaining access to usernames, email addresses and encrypted passwords. The incident likely affects millions of people worldwide.
PCMag’s Max Eddy reported, “Yesterday, French video game publisher Ubisoft alerted fans that customer information had been accessed by an attacker. The company advises everyone with an Ubisoft account to log in and change their passwords, but victims might have other dangers ahead. On the Ubisoft blog, Gary Steinman writes that user names, email addresses, and encrypted passwords were accessed during the intrusion. That’s the bad news, but here’s the good news: because Ubisoft does not store payment information, no credit card or other sensitive data was accessed.”
Matt Peckham with Time added, “The France-based company says it ‘instantly took steps’ to seal the breach and began investigating ‘with the relevant authorities, internal and external security experts, and to start restoring the integrity of any systems that may have been compromised.’ Ubisoft notes that Uplay, the company’s in-game digital distribution and multiplayer service, was not impacted — only Ubisoft’s website, though you can use your Uplay account credentials to log into the site, so I’m guessing Uplay accounts are at risk as well.”
Paresh Dave with the Los Angeles Times noted, “The company didn’t disclose how many of its users were hit, but it has sold more than 55 million of its top game…. Many websites automatically reset user passwords after a data breach. But Ubisoft took a different approach, recommending via email that users manually update their passwords on its website and any other websites where users might use a similar password.”
The Guardian’s Keith Stuart observed, “Ironically, the company is currently working on a new game, Watch Dogs, in which hacking is a central component. The development team reportedly hired an expert from Kaspersky Lab to ensure the depiction of hacking was accurate.”