Ubisoft Accounts Compromised by Security Breach

Ubisoft has sent out emails and set up a support thread related to a recent security breach related to Ubisoft accounts. The company says that an exploit was used to gain unauthorized access to some of its online systems resulting user names, email addresses and encrypted passwords being exposed. The company claims that it was quick to take action and that credit and debit card information was not compromised because it is not stored on the same servers as personal information.

"We recently found that one of our Web sites was exploited to gain unauthorized access to some of our online systems. We instantly took steps to close off this access, to begin a thorough investigation with relevant authorities, internal and external security experts, and to start restoring the integrity of any compromised systems.

During this process, we learned that data were illegally accessed from our account database, including user names, email addresses and encrypted passwords. No personal payment information is stored with Ubisoft, meaning your debit/credit card information was safe from this intrusion."

Ubisoft closes its message by apologizing for the security breach:

"We sincerely apologize for any inconvenience and thank you for your understanding."

The company recommends that Ubisoft account holders change their passwords immediately by following this secure link. You can also follow this official forum thread to keep up on the situation.

Thanks to Papa Midnight for the tip.


Tweet about this on TwitterShare on FacebookShare on Google+Share on RedditEmail this to someone


  1. 0
    Longjocks says:

    These companies need to start taking security more seriously these days. I really didn't care back when it was just a forum you had to log into. If my account was compromised there was no real reason to worry too much. But now they have services where you can spend money and store your purchases. The account also becomes a major part of your identity with respect to Uplay and Origin. You can't have these things while still treating security like you only have a forum.

    I said it the last time something like this happened – my bank does not have this same problem. If they can do a good job of securing my financial data then why can't companies in the IT industry?

    (Disclaimer: Forget what I said about my bank if they get hacked tomorrow)

  2. 0
    Cronniss says:

    With this happening more & more frequently, you'd THINK that companies would take the initiative and do a security sweep of their servers instead of waiting for someone to break in & go "Oops.  Our bad." and then recover from that.

    But I guess that makes too much sense.  (No wonder I never made it into management.)

Leave a Reply