Following an exploit of a not-completely-secure server, a number of passwords linked to Uplay accounts wound up in the hands of some unscrupulous hackers.
Ubisoft are now recommending that everyone change the passwords on their Uplay accounts, as well as any linked services that may use the same or a similar password.
Fortunately, the information that was hacked seems to have only included encrypted passwords, and no payment information, phone numbers, or addresses were taken in the digital raid.
Ubisoft released a statement to their users earlier today in email form, as well as publishing the statement on their website and syndicating it where they can.
We recently found that one of our Web sites was exploited to gain unauthorized access to some of our online systems. We instantly took steps to close off this access, investigate the incident and begin restoring the integrity of any compromised systems.
During this process, we learned that data had been illegally accessed from our account database, including user names, email addresses and encrypted passwords. Please note that no personal payment information is stored with Ubisoft, meaning your debit/credit card information was safe from this intrusion.
This hack didn’t originate from the Uplay servers, and have been confirmed to have been on another web server of Ubisoft’s. The Uplay server was temporarily taken down earlier this year following an exploit that allowed gamers to download games from the service for free.
Like with any digital media, Ubisoft’s servers aren’t completely immune to the illegal activities conducted by unscrupulous hacking groups. Whilst steps are in place to make sure these kinds of attacks don’t happen, there are people out there who will look for ways around the steadfast security systems in place.