Cyber Incident Victim: Activision Blizzard
Date:
Sep 2016
Location:
United States of America
Summary
A distributed denial-of-service (DDoS) attack targeted a major gaming company's online servers, causing widespread latency and connectivity issues across multiple popular titles on PC and console platforms. The hacker group PoodleCorp claimed responsibility for the disruption, marking their third attack against the company that week and part of a broader pattern of targeting gaming services. The group demanded social media engagement to cease the attack, which temporarily disrupted authentication and gameplay before services were restored. This incident followed similar prior attacks by PoodleCorp against other gaming platforms, including Electronic Arts and Rockstar Games, demonstrating repeated disruptive tactics against online gaming infrastructure.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On September 18, 2016, Blizzard Entertainment's Battle.net online gaming service experienced a distributed denial-of-service (DDoS) attack that disrupted connectivity for players across multiple platforms, including Xbox One, PS4, and PC. The hacker group PoodleCorp claimed responsibility for the attack, which marked the third service interruption that week following prior outages on September 13 and 16. The attack caused significant latency issues and login failures affecting major titles such as Overwatch, World of Warcraft, Hearthstone: Heroes of Warcraft, and Diablo 3. Blizzard confirmed the incident via its customer support Twitter account, stating they were actively monitoring the DDoS targeting their network providers. This followed a pattern of disruptions earlier in the week when players encountered authentication and server access problems during the September 13 and 16 incidents, though attribution for those prior outages was not explicitly stated in available reports.
PoodleCorp issued a public demand on Twitter to cease the attack, conditioning server restoration on achieving 2,000 retweets of their post. After users fulfilled this requirement, the group halted the attack, and Blizzard subsequently confirmed service restoration. This incident continued a trend of DDoS attacks against Blizzard in 2016, including April attacks by Lizard Squad and two August incidents attributed to PoodleCorp. An additional unclaimed cyberattack had disrupted services from August 30-31. PoodleCorp had previously targeted other gaming companies, including a DDoS attack against Electronic Arts' Battlefield 1 open beta earlier in September, and July attacks on Rockstar Games' Grand Theft Auto Online and Niantic's Pokémon Go servers. The group also referenced Sony's PlayStation Network outages in September without claiming direct responsibility, while publicly announcing intentions to target Battlefield's October 21 release. Despite these disruptions, the affected games maintained substantial player engagement, with Battlefield 1's beta attracting over 13.2 million participants.