Cyber Incident Victim: Ubisoft
Date:
Jul 2018
Location:
France
Summary
Ubisoft experienced distributed denial-of-service (DDoS) attacks targeting its gaming servers, disrupting connectivity for titles including Ghost Recon Wildlands, For Honor, and Far Cry 5. The company acknowledged the attacks via customer support channels, confirming efforts to mitigate impacts focused on game connections and server latency but stating no evidence suggested compromised user data. Service interruptions rendered servers temporarily unreachable for players, though mitigation progress was later indicated through support interactions. The incident followed similar disruptions affecting other major gaming platforms during the same period.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 4 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On July 17, 2018, Ubisoft experienced widespread disruptions across its online gaming services due to distributed denial-of-service (DDoS) attacks targeting its infrastructure. The France-based video game publisher confirmed the incident through its customer support Twitter account, stating the attacks impacted players’ ability to connect to multiple titles including Ghost Recon Wildlands, For Honor, and Far Cry 5. Ubisoft identified the attacks as specifically targeting game connections and server latency, causing service degradation rather than a complete shutdown. Players reported encountering error messages such as “The For Honor servers are unreachable at this time,” indicating localized access issues. The company acknowledged it was actively monitoring the situation and implementing mitigation measures, though it did not provide real-time updates on the attacks’ duration or technical scale. User concerns about potential data compromise prompted Ubisoft to clarify that no evidence suggested personal information was at risk during the incident, emphasizing the disruptive rather than infiltrative nature of the DDoS activity.
The attacks leveraged standard DDoS methodology by flooding Ubisoft’s servers with traffic from distributed sources to overwhelm connectivity capacity. While Ubisoft never disclosed the attack’s origin, magnitude, or specific mitigation techniques, its Twitter communications indicated sustained efforts to restore normal service operations throughout July 17. The incident drew parallels to a similar DDoS attack against Blizzard Entertainment’s games the preceding week, highlighting recurring targeting of major gaming platforms. Ubisoft’s public response remained confined to Twitter updates, with no formal post-incident report detailing technical resolution timelines or operational impacts. Service restoration was inferred through the cessation of outage reports and support interactions confirming mitigation progress, though the company did not issue an all-clear notification. Player connectivity gradually normalized as attack traffic subsided, concluding the disruption without confirmed collateral damage to user accounts or backend systems.