Cyber Incident Victim: Activision Blizzard

On September 23, 2014, hacker group Lizard Squad conducted distributed denial-of-service (DDoS) attacks against servers supporting Activision Blizzard’s *Call of Duty: Ghosts* and *Destiny* online gaming platforms. This incident occurred shortly after Lizard Squad’s August 2014 DDoS attack on Sony’s PlayStation Network and contradicted the group’s earlier public statement about ceasing operations. The attacks overwhelmed the games’ servers, forcing them offline and disrupting player access. Lizard Squad publicly claimed responsibility for the outages through social media posts linked in contemporaneous reporting. The group’s actions extended a pattern of targeting high-profile gaming infrastructure, leveraging readily available DDoS tools to execute their disruptions.

The attacks prevented players from accessing *Call of Duty: Ghosts* and *Destiny* multiplayer functionalities during the outage period. Security firm Incapsula analyzed the broader context of such incidents, noting gaming platforms faced increasing DDoS threats from actors including disgruntled players, commercial competitors, and extortionists. The firm highlighted the accessibility of “DDoS-as-a-service” platforms, which enabled attacks for under $50, coupled with the immediate visibility such actions provided perpetrators. Incapsula emphasized that gaming operators needed to integrate DDoS mitigation into operational planning due to the escalating frequency and ease of execution. No specific remediation actions by Activision Blizzard were detailed in the source material, though the incident underscored the gaming industry’s vulnerability to low-cost, high-impact disruptions aimed at maximizing reputational damage and player frustration.