Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Threat actors leak Activision employee data on hacking forum

Data allegedly stolen from the American gaming giant Activision in December security breach were leaked on a cybercrime forum. A threat actor leaked on the Breached hacking forum the data allegedly stolen from the gaming giant Activision in December 2022. The threat actors claim to have obtained 19,444 unique records from an Activision Azure database […]

Activision data leak

Data allegedly stolen from the American gaming giant Activision in December security breach were leaked on a cybercrime forum.

A threat actor leaked on the Breached hacking forum the data allegedly stolen from the gaming giant Activision in December 2022.

The threat actors claim to have obtained 19,444 unique records from an Activision Azure database amd is offering it for free. The leaked data contains names, phone numbers, job titles, locations, and email addresses of Activision employees.

Activision data leak

Activision disclosed the data breach on February 21, 2023, it added that the incident took place in December 2022. According to the company, threat actors obtained the credentials of an HR employee through a smishing attack.

“The security of our data is paramount and we have comprehensive information security protocols in place to ensure its confidentiality. On December 4, 2022, our information security team swiftly addressed an SMS phishing attempt and quickly resolved it.”a company spokesperson told Bitdefender. “Following a thorough investigation, we determined that no sensitive employee data, game code, or player data was accessed.”

Bitdefender post highlights that the screenshots shared by vx-underground researchers show that the threat actor tried to phish several more employees who were not tricked into providing their credentials.

“Unfortunately, the same people failed to inform Activision’s security department about the attempted hack.” states the post.

While Activision pointed out that no sensitive employee data, game code, or player data was compromised as a result of the incident, the website Insider Gaming reported the exposure of sensitive employee details.

The availability of Activision employees’ data in the cybercrime ecosystem exposes them to social engineering attacks.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data leak)