Hacker vx-underground has pointed out that Ubisoft wasn’t really hacked in the ‘traditional sense’.
Rainbow Six Siege’s servers were hacked last month, leading to bans and players losing their skins and credits. The hack happened again earlier this week, referencing the 67 meme.
Vx-underground was a primary news source for these hacks, so he isn’t ranting about them from out of nowhere.
The Real Issue? API Abuse
To summarize, vx-underground explained that hackers found an API endpoint, a single computer that happens to be exposed. They have simply been accessing that computer, skipping the API key requirement, to mess with Ubisoft and their players.
Tom Henderson corroborated that Ubisoft has known about the security issue since November 2025. It just so happens that it takes a long time to fix, hence the abuse.
Ultimately, what everyone needs to know is that no employee or customer data was stolen or compromised. Rainbow Six Siege players may be annoyed for now, but no one has to quit playing Ubisoft games.