Ubisoft Says 58 Million Users Had Details Stolen – Payment Details Safe

The phrase “EPIC FAIL” comes to mind after Ubisoft have just sent an email out to all Ubisoft account holders warning of a massive data breach. Apparently a staggering 58 million accounts have been hacked allowing the hackers to gain access to user names, email addresses and encrypted passwords. Ubisoft reports that no debit or credit card information was lost as Ubisoft does not store them.

In response Ubisoft has advised all users to change their passwords on their Ubisoft accounts, and change your password that is the same and used with the same email address on any other site. I am quite shocked at Ubisoft’s incompetence. Firstly, that they didn’t auto-reset passwords for all Ubisoft accounts to prevent hackers gaining access to them without the associated emails. Secondly, if they went to such extraordinary measures of outsourcing payment details to another company with better security, why did they not do a similar thing for account details?

This isn’t the first time Ubisoft have been victim to a “hack-attack” and last year a security hole allowed hackers to download software from its store for free that hadn’t even been released yet. I guess some companies will never learn.

Image courtesy of Ubisoft