Cyber Incident Victim: Ubisoft
Date:
Dec 2021
Location:
France
Summary
Ubisoft experienced a cyberattack targeting its Just Dance infrastructure due to a misconfiguration, which was promptly rectified but allowed unauthorized access to technical identifiers such as GamerTags, profile IDs, Device IDs, and publicly uploaded game videos, though no account credentials were compromised. The company notified affected users and encouraged enhanced security practices while addressing concurrent developer departures linked to compensation and organizational challenges that impacted game development operations.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On December 21, 2021, Ubisoft confirmed a cyberattack targeting its IT infrastructure that specifically impacted the Just Dance game ecosystem. The breach occurred due to a misconfiguration within the company’s systems, which unauthorized individuals exploited to access and potentially copy certain player data. Ubisoft identified the misconfiguration and resolved it promptly, though the window of exposure allowed attackers to obtain technical identifiers including GamerTags, profile IDs, Device IDs, and videos recorded and publicly uploaded by Just Dance players. The company clarified that no account credentials, financial information, or other sensitive authentication data were compromised in the incident. Affected users received direct email notifications detailing the scope of the breach and guidance on protective measures. Ubisoft advised players to reset passwords and enable two-factor authentication as precautionary steps despite the absence of evidence suggesting account compromise. The breach disclosure coincided with internal challenges at Ubisoft, including significant staff departures attributed to compensation disputes and organizational instability.
Concurrently, Ubisoft faced operational strain from what it described as a "great exodus" of developers, which reportedly hindered game development efforts. Employee departures were linked to longstanding grievances over low pay and structural issues within the company’s management framework. While unrelated to the breach itself, this workforce reduction compounded operational pressures during the incident response phase. Ubisoft emphasized implementing proactive security enhancements across its infrastructure to prevent future attacks, though specific technical or procedural changes were not detailed in the disclosure. The company maintained that the breach’s impact remained confined to non-critical player identifiers and publicly shared video content, with no evidence of malicious misuse reported at the time of confirmation. Ubisoft’s public communications focused on transparency regarding the accessed data categories while downplaying risks of identity theft or account takeover stemming from the incident.