Somebody at Ubisoft has left the lock off the servers again, losing some usernames, email addresses and encrypted passwords in the process. According to the company “one of our Web sites” was to blame. Pesky hackers exploited it to “gain unauthorized access to some of our online systems.” Which is when the names and passwords came a-tumblin’ out.
Ubisoft claims it dealt with this “instantly” which, let’s be honest, can’t really be true. Quickly? Sure, maybe. Instantly? Nah. After that, they began “a thorough investigation with relevant authorities, internal and external security experts, and start[ed] restoring the integrity of any compromised systems.”
No payment information was stored on the compromised system, according to Ubisoft. Your debit and credit card info is safe for another day. However, it’d be a wise move to change your Ubisoft account password. The company is sending out emails urging you to do this, but in case yours has gone missing you can probably just do it through Ubi.com.
Though there’s no admission and no direct paper trail, the finger is being pointed at Ubi’s Uplay digital service. Last summer a major exploit was found in the Uplay system. That one was fixed quite swiftly, but it didn’t inspire confidence in the construction of the software.