Ubisoft, the renowned video game developer behind franchises like *Assassin’s Creed*, *Far Cry*, and *Just Dance*, fell victim to a **ransomware attack** orchestrated by the **Lapsus$ gang**, a cybercriminal group known for high-profile breaches, including Samsung and Nvidia. The attack primarily aimed to **steal sensitive corporate data** for extortion, threatening public release unless a ransom was paid. While the incident caused **temporary disruptions to Ubisoft’s web-based services**, the company confirmed that **no player personal data was compromised**, and all systems were swiftly restored to full operation. The attack underscores the growing threat of ransomware groups targeting major enterprises for financial gain, leveraging stolen data as leverage. Ubisoft’s proactive measures, including cybersecurity solutions like **Acronis Cyber Protect**, helped mitigate further damage by blocking encryption and extortion attempts. The incident highlights the critical need for robust cybersecurity defenses against evolving ransomware tactics, even when direct customer impact is minimized.
Source: https://www.acronis.com/en-eu/tru/posts/ubisoft-hit-by-lapsus-ransomware/
TPRM report: https://www.rankiteo.com/company/ubisoft
"id": "ubi4432044091525",
"linkid": "ubisoft",
"type": "Ransomware",
"date": "7/2025",
"severity": "50",
"impact": "1",
"explanation": "Attack without any consequences: Attack in which data is not compromised"{'affected_entities': [{'customers_affected': 'None (no player data '
'compromised)',
'industry': 'Entertainment / Gaming',
'name': 'Ubisoft',
'type': 'Video Game Developer'}],
'customer_advisories': 'No player personal information was compromised; '
'services fully restored.',
'data_breach': {'data_exfiltration': 'Likely (based on Lapsus$ modus '
'operandi)',
'personally_identifiable_information': 'None',
'sensitivity_of_data': 'High (corporate-sensitive, but no '
'PII)',
'type_of_data_compromised': 'Sensitive corporate data'},
'description': "Video game developer Ubisoft, known for games like Assassin's "
'Creed, Far Cry, Just Dance, and Prince of Persia, suffered a '
"ransomware attack by the Lapsus$ gang. The group's primary "
'goal is to steal sensitive data and extort money by '
"threatening to release it publicly. While Ubisoft's web-based "
'services experienced accessibility issues, no personal player '
'information was compromised. All games and services have '
'since been restored to full functionality.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'high-profile attack',
'data_compromised': 'Sensitive corporate data (no player personal '
'information)',
'downtime': 'Temporary accessibility issues (duration unspecified)',
'identity_theft_risk': 'None (no player personal information '
'compromised)',
'operational_impact': 'Partial disruption of web services; games '
'and services fully restored',
'payment_information_risk': 'None',
'systems_affected': ['Web-based services']},
'investigation_status': 'Resolved (services restored)',
'motivation': 'Financial extortion via data theft and public release threats',
'ransomware': {'data_exfiltration': 'Likely', 'ransomware_strain': 'Lapsus$'},
'references': [{'source': 'Acronis Cyber Protect'}],
'response': {'remediation_measures': 'Restoration of all games and services '
'to full functionality'},
'threat_actor': 'Lapsus$',
'title': 'Ubisoft Ransomware Attack by Lapsus$ Gang',
'type': 'Ransomware Attack'}