Contents:
Game developer Activision confirms that it suffered a data breach in December 2022. The threat actors gained access to the company’s internal systems by tricking an employee with an SMS phishing text.
The company declared that the incident has not compromised the games’ source code or player details.
What Did the Breach Reveal?
BleepingComputer reached out to Activision to gain more information on the breach. A spokesperson declared the following:
On December 4, 2022, our information security team swiftly addressed an SMS phishing attempt and quickly resolved it. Following a thorough investigation, we determined that no sensitive employee data, game code, or player data was accessed.
Activision Spokesperson (Source: BleepingComputer)
However, according to security research group vx-underground, the threat actor also “exfiltrated sensitive workplace documents” together with the content release schedule for 2023.
The researchers shared screenshots showing that during the cyberattack the threat actors gained access to an employee’s Slack account and tried to trick other employees into accessing malicious links.
.@Activision was breached December 4th, 2022. The Threat Actors successfully phished a privileged user on the network. They exfiltrated sensitive work place documents as well as scheduled to be released content dating to November 17th, 2023.
Activision did not tell anyone. pic.twitter.com/urD64iIlC5
— vx-underground (@vxunderground) February 20, 2023
Video game publication Insider Gaming obtained and analyzed the entire leak, showing that the cache contained full names, phone numbers, email addresses, work locations, salaries, and other sensitive information of the Activision employees. Insider Gaming also claims that the employee hacked was part of the Human Resources department and had access to a large amount of employee details.
BleepingComputer had no access to the leaked data but has learned that the information on games shared online was based on marketing materials. Fortunately, the development environment was not affected by the breach.
Game Developers and Publishers, Targeted More Often
Leaks on game developers have become increasingly popular recently. Popular or highly anticipated games are heavily targeted by threat actors to demand ransomware from the publishers or just to leak materials on the Internet in hope of speeding up the releases. A highly covered incident occurred last year, when Rockstar Games and its parent company, Take-Two Interactive, had footage leaked of one of the most anticipated games ever to release, GTA VI.
A more recent incident involved League of Legends developer, Riot Games, which fell for a social engineering attack, leading to threat actors demanding $10 million to not release the sensitive information they got a hold on.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube, for more cybersecurity news and topics.