Cyber Incident Victim: Ubisoft

On October 5, 2018, during the launch of *Assassin’s Creed Odyssey*, Ubisoft experienced distributed denial-of-service (DDoS) attacks that disrupted player access to the game. The attacks overwhelmed Ubisoft’s servers, causing connectivity issues and increased server latency, which prevented players from accessing the online components of the newly released title. Social media platforms saw widespread complaints from users unable to play the game, prompting Ubisoft to acknowledge the incident publicly on its official forums. The company confirmed it was mitigating a "series of DDoS attacks," describing such incidents as common for online service providers. Ubisoft did not identify the attackers or their motives but emphasized ongoing efforts to stabilize services. The disruption occurred despite the high-profile nature of the launch, highlighting the operational risks associated with major online game releases.

The incident underscored the vulnerability of online gaming platforms to DDoS attacks, which NetScout Arbor’s research identified as the top motivator for such attacks at the time, surpassing extortion or demonstrations of hacking capabilities. Ubisoft’s response focused on technical mitigation without disclosing specific countermeasures or the attack’s duration. The company’s statement avoided speculation about whether the attackers were competitors, disgruntled individuals, or groups seeking notoriety, though the article noted these as common motivations in gaming-related DDoS cases. While no financial impact was quantified, the attack risked reputational damage by undermining player confidence during a critical sales period. The event exemplified the broader challenge for publishers investing heavily in online infrastructure, where even non-financially motivated disruptions can incur significant costs and operational strain.