HQ/EMEAFind out how we can help your business
The American video game publisher, Activision, confirmed experiencing a security breach last December from threat actors that accessed its internal systems through a smishing (SMS phishing) campaign.
Upon discovering the issue on December 4, 2022, Activision’s security team addressed it immediately and contained any damage the phishing incident had caused. Employees and customers have also been assured that their sensitive data is safe from compromise.
The video game publisher also added that their source code for popular games and player details are safe from being stolen.
Analysts found that workplace files were pilfered from the Activision hack.
Separate security analysts who assessed the security breach in Activision said that some corporate and workplace documents had been stolen. These compromised company files include content release schedules and timelines of video games, such as Call of Duty.
The researchers also shared screenshots from their findings, showing that the threat actors gained access to an Activision employee’s Slack account last December 2. Subsequently, using the stolen Slack account, the hackers attempted to trick other employees into clicking malicious URLs that could result in further security compromises.
Aside from the leaked video game timelines, security researchers also found which data had been exposed to hackers in the incident, including employees’ full names, email addresses, salaries, work locations, and phone numbers, among other sensitive data.
While the video game publisher refuted this report about the employee data leak, experts still warn the company’s employees to be cautious against attack attempts that could leverage their information.
Additionally, since the alleged data leak comprised mostly of employees’ information, the researchers said that it was a member of staff from the Human Resources department that the hackers had stolen Slack access to.
This claim explains why most of the alleged leaked data are from Activision’s employees.
Nonetheless, other security experts believe the leaked video game timelines were for the company’s marketing materials, and its source codes and development environments have not been compromised.
