Ubisoft’s Just Dance – One Wrong Maneuver Causes Data Breach
When a company slips, drastic consequences occur. A while ago, the Chinese VPN – QuickFox suffered a data breach due to a simple misconfiguration.
Now, a similar mistake took place with one of the biggest gaming companies in the world – Ubisoft. Apparently, the misconfiguration resulted in an attack targeting its popular video game Just Dance.
The company fixed the issue instantly. However, that didn’t stop threat actors from exploiting the data leak and accessing player data. Ubisoft addressed that minimal data was breached.
A breach in a company such as Ubisoft is huge, and we’re here to shed more light on the matter. The following article has everything you need to know about the incident.
Just Dance Breach – Ubisoft’s Misstep Costs A lot
Just Dance has been around for more than 12 years now. It’s a rhythm game where people have to be in sync with certain routines to earn points.
Aside from that, players can record their dance moves and share them with friends on social media to show others their skills.
Just like with any successful game, Ubisoft created and released yearly versions of the game. As of now, Just Dance has sold more than 80 million units.
Such huge games are always targeted by cybercriminals, regardless of the type of attack in place. Now, due to a simple misconfiguration, technical identifiers were out in the open for any hacker to access.
This includes GamerTags, profile IDs, and Device IDs. To make things worse, the data also included Just Dance videos that users recorded and uploaded for future public sharing.
According to a Ubisoft spokesperson:
“The data in question was limited to ‘technical identifiers’ which include GamerTags, profile IDs, and Device IDs as well as Just Dance videos that were recorded and uploaded to be shared publicly with the in-game community and/or on your social media profiles.”
So far, the company didn’t disclose that any sensitive user details were exposed. However, with such information, hackers can do a lot.
If they link the new information with older leaked information, they can identify and target gaming accounts. Moreover, if the user operates under the same username in different games, it makes the threat actor’s job easier than it already is.
What Can Games Do for Extra Protection?
Ubisoft Just Dance breach is a big deal. Aside from knowing about such a breach, gamers have a lot to do on their end, especially since they’re practically the main targets of the attack.
To avoid such a predicament, try following as many of these tips as you can:
- Never use the same password on different accounts.
- Try to make your passwords complex and hard to predict.
- If the option is available, use two-factor authentication.
- Always keep your devices up-to-date in terms of software.
By implementing the right security measures, you’ll be able to avoid or at least lower the chance of such data breaches.
Ubisoft Just Dance Breach – Wrong Move, Instant Breach
Ubisoft is not new to data breachers. In 2020, the company was hit by a huge ransomware attack, and in 2013, hackers harvested the information of more than 58 million users.
Ubisoft has yet to comment on the incident, but for now, everyone is advised to change their accounts’ passwords. Make sure you do that as it’s a very serious matter. Stay safe.