Ubisoft fans need to change their passwords now

Representational image depecting cybersecurity protection

(Image credit: Shutterstock)

A recent disruption to Ubisoft gaming services could be down to a cyberattack by the group claiming to be behind the recent Nvidia and Samsung hacks.

Ubisoft is one of the world’s biggest video games companies, pushing out AAA titles such as the Far Cry and Assassin’s Creed series.

The company notified its users and customers of a temporary disruption, and whilst that announcement said nothing of the potential perpetrators, or how its endpoints were compromised, the Lapsus$ group shared the announcement a day later, together with a smirking face emoji.

Ubisoft user data

Ubisoft said much the same in its announcement, stating that “at this time there is no evidence any player personal information was accessed or exposed as a by-product of this incident” and adding that it restored all of its services.

Still, the company suggested all users reset their passwords, just to be on the safe side.

Lapsus$ has been extremely active in these last couple of months. In early March, it breached Nvidia’s defenses, reportedly making off with a terabyte of sensitive data, including employee login credentials.

The group later said that the data stolen helped the group create a tool that bypasses the hash rate limiter placed on some of the RTX-30 series Nvidia GPUs, often used by Ethereum miners. The tool was allegedly being sold on the black market for $1 million, but whether or not it works, or if it's just another virus, has not yet been confirmed.

> Nvidia hackers claim they also hit Vodafone, threaten data leak

> Stolen Nvidia code signing certificates used to sign off malware

> Nvidia hackers hit Samsung and leak huge data dump

Lapsus$ also said it compromised Samsung’s network, and stole almost 200 GB of some extremely sensitive data.

The data allegedly included the source code for every Trusted Applet (TA) installed in Samsung’s TrustZone environment used for sensitive operations; algorithms for all biometric unlock operations; bootloader source code for all recent Samsung devices; confidential source code from Qualcomm; source code for Samsung’s activation servers; full source code for technology used for authorizing and authenticating Samsung accounts, including APIs and services.

The group also claims to have hit Vodafone, but so far no data leaks have been confirmed, or company information revealed.

Here's our rundown of the best firewalls right now

Via: The Verge

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.