Ubisoft fans need to change their passwords now

Representational image depecting cybersecurity protection
(Image credit: Shutterstock)

A recent disruption to Ubisoft gaming services could be down to a cyberattack by the group claiming to be behind the recent Nvidia and Samsung hacks.

Ubisoft is one of the world’s biggest video games companies, pushing out AAA titles such as the Far Cry and Assassin’s Creed series.

The company notified its users and customers of a temporary disruption, and whilst that announcement said nothing of the potential perpetrators, or how its endpoints were compromised, the Lapsus$ group shared the announcement a day later, together with a smirking face emoji.

TechRadar needs yo...

We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.

>> <a href="https://project.tolunastart.com/s/Cy37RiA" data-link-merchant="project.tolunastart.com"" target="_blank">Click here to start the survey in a new window <<

In the follow-up discussion with their followers, the group “confirmed” not targeting Ubisoft’s customer information.

Ubisoft user data

Ubisoft said much the same in its announcement, stating that “at this time there is no evidence any player personal information was accessed or exposed as a by-product of this incident” and adding that it restored all of its services. 

Still, the company suggested all users reset their passwords, just to be on the safe side. 

Lapsus$ has been extremely active in these last couple of months. In early March, it breached Nvidia’s defenses, reportedly making off with a terabyte of sensitive data, including employee login credentials.

The group later said that the data stolen helped the group create a tool that bypasses the hash rate limiter placed on some of the RTX-30 series Nvidia GPUs, often used by Ethereum miners. The tool was allegedly being sold on the black market for $1 million, but whether or not it works, or if it's just another virus, has not yet been confirmed.

Lapsus$ also said it compromised Samsung’s network, and stole almost 200 GB of some extremely sensitive data. 

The data allegedly included the source code for every Trusted Applet (TA) installed in Samsung’s TrustZone environment used for sensitive operations; algorithms for all biometric unlock operations; bootloader source code for all recent Samsung devices; confidential source code from Qualcomm; source code for Samsung’s activation servers; full source code for technology used for authorizing and authenticating Samsung accounts, including APIs and services.

The group also claims to have hit Vodafone, but so far no data leaks have been confirmed, or company information revealed.

Via: The Verge

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.