French video game publisher Ubisoft is currently investigating a potential data security incident after screenshots of the company's internal software and developer tools were shared online by security research collective VX-Underground.

The leaked images, which appeared to show access to Ubisoft's internal services, have raised concerns about a possible breach. Ubisoft acknowledged the alleged incident in a statement to BleepingComputer, stating, "We are aware of an alleged data security incident and are currently investigating. We don't have more to share at this time."

According to a tweet from VX-Underground, an unknown threat actor claimed to have breached Ubisoft on December 20th, with intentions to exfiltrate around 900GB of data. The actor allegedly gained access to several services, including the Ubisoft SharePoint server, Microsoft Teams, Confluence, and MongoDB Atlas panel. Screenshots detailing their access to these services were shared as evidence.

It should be noted that MongoDB Atlas recently disclosed a separate breach, but it does not appear to be related to this incident involving Ubisoft.

In a twist of events, the threat actors informed VX-Underground that they attempted to steal user data from Rainbow 6 Siege but were detected and lost access before they could do so. This suggests that Ubisoft's security measures may have thwarted their efforts.

This is not the first time Ubisoft has faced cybersecurity issues. In 2020, the company was targeted by the Egregor ransomware gang, resulting in the leak of portions of the Watch Dogs game source code. A second breach occurred in 2022, causing disruptions to Ubisoft's games, systems, and services.

As Ubisoft continues its investigation, gamers and industry experts will be closely monitoring the situation to ascertain the impact of the alleged breach and whether any customer data has been compromised. The incident serves as a reminder of the ongoing challenges faced by companies in protecting their valuable intellectual property and customer information from cyber threats.