This morning, Ubisoft sent out an email notifying users about a security ‘update’. Anyone that has had experience with any online service that uses passwords will know that this usually means that they’ve been hacked. Upon looking into it further, Ubisoft has admitted that hackers gained access to one of their websites and had managed to obtain important user data that could potentially make a person’s account vulnerable.
The data that had been nabbed by these hackers was primarily login information, which includes usernames, passwords and associated email addresses. Ubisoft was very clear that users’ payment information had not been compromised, but that still does not make anyone that much happier that their supposedly secure information had been compromised. The passwords themselves are encrypted, but there’s no saying how long it’ll take the hackers to decrypt that information and gain access to those passwords.
Additionally, Ubisoft has not specifically detailed exactly how many accounts have been affected, which is a bit concerning because usually companies are very straightforward with how many users are ‘potentially’ affected. Since Ubisoft requires almost all of their games (PC) to have some sort of a login process (which I personally loathe) in order to play, there’s a potential user base of millions if not tens of millions. Ubisoft maintains that they have already addressed the issues at hand and have launched investigations into the hacking event. Perhaps if their DRM (UPlay) didn’t require users to have a login account and all of that wonderful identifying information there wouldn’t be such a big juicy target for hackers to want to go after?
We have reached out to the company to see how many users have been affected by this security breach.