Update: We've just been informed by Ubisoft that the attack did not originate via any Uplay services; the intrusion targeted some of their internal online systems.
Original Post: Ubisoft’s Uplay website has been hacked. The company announced today that one of its websites had been exploited to gain access to some of its online systems. The France-based publisher says that it took immediate steps to close off this access, and to begin a “thorough investigation with the relevant authorities”, along with internal and external security experts, and to start restoring the integrity of its systems.
However, during this process, the company learned that data was illegally accessed from its account database, including usernames, e-mail addresses and passwords—the last of which was encrypted. Fortunately, no personal information is stored with Ubisoft, so financial data was safe from the intrusion.
Due to the systems compromise, Ubisoft is recommending that users change their passwords at the following link as a precaution. It’s also recommended that users change their passwords on other services should they share the same password as the one they used on Uplay.
Further details, including an FAQ, can be found here.
