Hackers have stolen internal employee and game data from Activision, according to reports by TechCrunch and Insider Gaming. The hackers walked away with Activision’s schedule of planned content for the Call of Duty franchise, and employee data such as “full names, emails, phone numbers, salaries, places of work, addresses, and more.”
The cyber incident occurred back on December 4, but the breach was not disclosed until this past weekend when cybersecurity and malware research group vx-underground went public with screenshots of the stolen data.
Activision suffering a hack was a surprise not only to the public but to its own employees. According to an anonymous statement made by an Activision employee to TechCrunch, “This a problem. If there is employee’s information involved, they should have disclosed the breach.”
Activision did not respond to the employee’s anonymous statement made to TechCrunch.
SMS Phishing blamed for Activision hack
The hack occurred after an employee was phished over an SMS text. Once the hacker compromised the credentials and gained privileged user access, they were able to access spreadsheets and other proprietary roadmap data of the Call of Duty franchise series.’
No further detail about the nature of the hack is known at this time.
Activision claims that they “swiftly” responded to an SMS phishing attempt and “quickly resolved it.” They also claim that “no sensitive employee data, game code, or player data was accessed.”
But the news reports and screenshots shared by vx-underground definitely tell a different story.
Multi-billion dollar game franchises are a hacker’s dream
This isn’t the first time that a prominent video game development studio has been hacked, and it certainly won’t be the last.
Hackers are going to prioritize targets that have money and proprietary data worth millions—or even more—on the open market.
In September 2022, hackers stole source code and leaked unreleased footage of Grand Theft Auto VI from Rockstar Games. An individual reportedly responsible for this and the Uber hack was arrested in the United Kingdom within days.
