Last week, Activision made it public that they were the target of a cyberattack, and the outcome of that incident was a serious security breach. Unfortunately, the stolen data has now been made accessible on the internet.
In December 2022, cybercriminals utilized a Smishing technique to gain access to the systems of an American game publisher. Consequently, the private data of more than 10,000 workers have been published on a hacker discussion board.
It is believed that the actor is attempting to encourage malicious phishing attacks with the data that was posted, and this can be extremely hazardous considering the magnitude of accounts compromised. The following is the information that has been gathered concerning this event.
Activision Suffered a Security Breach – Information Was Compromised
In recent times, large gaming entities have been targeted by hackers globally. These organizations are of particular interest to criminals due to their fame and the vast amounts of confidential information they possess.
Cybercriminals are not randomly attacking small gaming enterprises. Instead, they are meticulously choosing the ones they can reap the most rewards from.
The gaming industry isn’t the only one to suffer from cyber attacks. Even cable providers such as Dish have been victims of similar breaches.
It was in December of 2022 that Activision became the victim of a data breach, however, it was only officially confirmed one week ago. The perpetrator of the attack has now apparently posted the purloined information on the Breached hacking forum.
A hacker has reportedly uploaded data belonging to Activision employees to a cybercrime forum. The leaked information is said to include names, IDs, and emails.
The post states that anyone who desires it can obtain the file which provides them with exactly 19,444 individual records of workers from Activision that include:
- First and last names
- Telephone numbers
- Positions held
- Geographic areas
- E-mail contacts
The onset of the breach was the result of an effective Smishing attack that was directed toward a single staff member. Subsequently, the intruder managed to access the information of the organization. A representative from the organization stated in a public announcement regarding the incident:
On the 4th of December, 2022, the info security squad responded immediately to a text-based phishing scam and quickly remedied it.
After a thorough investigation, it was established that no delicate personnel data, game code, or player data had been accessed.
Activision confirmed there was an issue, but they were quick to add that neither the game source code nor any player information had been affected.
In the event that any information regarding the upcoming game was to be revealed prematurely, Activision would not be concerned as they have already released this data to the public for promotional purposes.
The magnitude of the breach was extensive, prompting the organization to launch a comprehensive internal probe. Fortunately, no confidential employee information was included in what was accessed.
Sizeable Leakage, Small Amount of Crucial Details
The fact that this info is posted on a hacking forum makes it open to a wide audience. Although the business claims that no confidential details are included, it does contain email addresses.
It is a distinct possibility that staff may be subjected to phishing expeditions in the foreseeable future. We sincerely hope it does not reach that stage, but we cannot ignore its likelihood.