The French video game company Ubisoft confirmed on Friday that it was the victim of a “cybersecurity incident”, which caused temporary disruptions to its games, systems and services.
The company stated that the breach is being investigated and that it has initiated a password reset across the entire company as a precautionary measure. “In addition, we can confirm that all our games and services are operating normally and that, at this time, there is no evidence that players' personal information has been accessed or exposed as a result of this incident”, the company said in a statement.
The technology news site The Verge, which was the first to report on the event, dijo que el grupo criminal LAPSUS$ parecía confirmar su implicación, aunque hay que señalar que no ha sido muy explícito a la hora de atribuirse el mérito como hizo en otros casos de hackeos muy sonados.
A diferencia de otros grupos de ransomware que roban y encriptan información de propiedad a cambio de un rescate, LAPSUS$ extorsiona a los objetivos saqueando los datos sensibles y manteniéndolos como rehenes, y amenazando con filtrarlos si no se cumplen sus demandas.