Publishing giant Activision confirmed that there was a data breach at the end of last year.
Despite downplaying the incident, many in the media, as well as the underground hacking community, say the breach was serious.
The news surfaced on Twitter, where vx-underground cybersecurity researchers shared screenshots of stolen data and messages posted by hackers in Activision’s Slack workspaces. The data was apparently stolen in early December last year, after an Activision employee phished the credentials, resulting in cybercriminals downloading employee internal data and some gaming data from the company’s endpoints (opens in a new tab).
Downplaying the incident
Activision spokesman Joseph Christinat responded to the news by sharing a statement saying the company “quickly” responded to the attack and “quickly resolved it.” The same statement claims that the cybercriminals did not gain access to any sensitive employee data, game code or player data.
But vx-underground begs for something else. Files shared by the group TechCrunch they showed employees’ full names, phone numbers, corporate email addresses, and in some cases even their office postal addresses. All important information that can be used in identity theft and social engineering attacks.
Although the media did not explicitly say so, they suggest that Activision was trying to cover up the data breach. It had happened almost three months ago, but his employees were also unaware of it. Two employees were talking TechCrunchconfirming that this is a problem
“If an employee’s information is involved, they should have disclosed the breach,” one of the publication’s employees said.
Activision is one of the largest game publishers in the world, with such titles as World of Warcraft and Call of Duty.
The company is currently working on an acquisition deal with Microsoft, with the latter allegedly agreeing to buy the company for $68.7 billion. However, regulators in various jurisdictions opposed the deal, media reported.
By: TechCrunch (opens in a new tab)