Activision, the publisher of computer games (including the Call of Duty franchise), reported a security breach that occurred back in early December 2022 through the corporate messenger Slack.
Let me remind you that we also wrote that Hackers compromised Slack private GitHub repositories, and also that Mirai Botnet RapperBot Conducts DDoS Attacks on Game Servers.
It turned out that hackers gained access to one of the company’s internal Slack channels and stole data, and the incident became publicly known only thanks to a report by Vx-underground security experts and media publications.
Vx-underground specialists posted on Twitter a number of edited screenshots received directly from the attackers. The screenshots, dated December 4, 2022, showcase Activision’s confidential working papers related to the Call of Duty franchise, as well as the content release schedule for the coming year, through November 17.
The researchers reported that the hack was carried out due to a successful phishing attack on one of the company’s employees. After that, the hackers penetrated the Activision Slack channel, and also tried to compromise other employees, but no one else fell for phishing.
Let me remind you that the media wrote that Russian Hackers Launched a Massive Spear-Phishing Campaign.
At the same time, Vx-underground emphasized that Activision generally kept silent about this attack.
Now, after numerous questions from the media, company representatives were forced to confirm the hack. At the same time, the company assures that the incident did not affect the source codes of the games and the personal data of the players.
At the same time, the company did not specify what kind of data the hackers still got access to (in addition to the content release schedule for Call of Duty).
The publication Insider Gaming, which claims to have received and analyzed this leak in its entirety, reports that among the stolen information there are full names, email addresses, phone numbers, salaries and other data of employees. Moreover, according to journalists, the compromised Activision employee works in the personnel department and has access to a large amount of confidential data.