Hackers Broke into Activision’s Slack and Stole Data

Activision's Slack

Activision, the publisher of computer games (including the Call of Duty franchise), reported a security breach that occurred back in early December 2022 through the corporate messenger Slack.

Let me remind you that we also wrote that Hackers compromised Slack private GitHub repositories, and also that Mirai Botnet RapperBot Conducts DDoS Attacks on Game Servers.

It turned out that hackers gained access to one of the company’s internal Slack channels and stole data, and the incident became publicly known only thanks to a report by Vx-underground security experts and media publications.

Vx-underground specialists posted on Twitter a number of edited screenshots received directly from the attackers. The screenshots, dated December 4, 2022, showcase Activision’s confidential working papers related to the Call of Duty franchise, as well as the content release schedule for the coming year, through November 17.

Activision's Slack

The researchers reported that the hack was carried out due to a successful phishing attack on one of the company’s employees. After that, the hackers penetrated the Activision Slack channel, and also tried to compromise other employees, but no one else fell for phishing.

Let me remind you that the media wrote that Russian Hackers Launched a Massive Spear-Phishing Campaign.

At the same time, Vx-underground emphasized that Activision generally kept silent about this attack.

Now, after numerous questions from the media, company representatives were forced to confirm the hack. At the same time, the company assures that the incident did not affect the source codes of the games and the personal data of the players.

On December 4, 2022, our information security team promptly responded to an SMS phishing attempt and stopped it. After a thorough investigation, we have determined that access to confidential employee data, game code, or player data has not been obtained.Activision said in an official statement.

At the same time, the company did not specify what kind of data the hackers still got access to (in addition to the content release schedule for Call of Duty).

The publication Insider Gaming, which claims to have received and analyzed this leak in its entirety, reports that among the stolen information there are full names, email addresses, phone numbers, salaries and other data of employees. Moreover, according to journalists, the compromised Activision employee works in the personnel department and has access to a large amount of confidential data.

By Vladimir Krasnogolovy

Vladimir is a technical specialist who loves giving qualified advices and tips on GridinSoft's products. He's available 24/7 to assist you in any question regarding internet security.

Leave a comment

Your email address will not be published. Required fields are marked *