Ubisoft, the father of the famous Assassin’s Creed videogame series, is advising all users to change their passwords and, in some cases, email addresses immediately. Just yesterday, the large game company announced that its user database had been breached, exposing thousands of email addresses, encrypted passwords and user names.
“We recently discovered that one of our Web sites was exploited to gain unauthorized access to some of our online systems,” Ubisoft wrote in a statement in their blog. “During this process, we learned that data had been illegally accessed from our account database.”
Since the company doesn’t store credit card information in its database, none of that information is at risk. However, users often use the same emails and passwords for Ubisoft as they do for other places on the Internet. The company suggests that everyone immediately change their passwords on any website that even has a similar password to the Ubisoft account (e.g., P@ssword and p@ssword).
The credentials stolen were used to access the online subscription-only network, but this isn’t the first time this has happened. In 2010, a hacker group by the name of Skid Row breached Ubisoft’s website in protest toward the company’s policy that required gamers to have a constant connection to the Internet. While this hacking didn’t affect any personal info, it did remove the company’s DRM technology.
Ubisoft says they’re working quickly to restore online capabilities and strengthen online security, but say they are “not immune to these kinds of criminal attacks.”