Data
allegedly
stolen
from
the
American
gaming
giant
Activision
in
December
security
breach
were
leaked
on
a
cybercrime
forum.
A
threat
actor
leaked
on
the
Breached
hacking
forum
the
data
allegedly
stolen
from
the
gaming
giant
Activision
in
December
2022.
The
threat
actors
claim
to
have
obtained
19,444
unique
records
from
an
Activision
Azure
database
amd
is
offering
it
for
free.
The
leaked
data
contains
names,
phone
numbers,
job
titles,
locations,
and
email
addresses
of
Activision
employees.
Activision
disclosed
the
data
breach
on
February
21,
2023,
it
added
that
the
incident
took
place
in
December
2022.
According
to
the
company,
threat
actors
obtained
the
credentials
of
an
HR
employee
through
a
smishing
attack.
“The
security
of
our
data
is
paramount
and
we
have
comprehensive
information
security
protocols
in
place
to
ensure
its
confidentiality.
On
December
4,
2022,
our
information
security
team
swiftly
addressed
an
SMS
phishing
attempt
and
quickly
resolved
it.”a
company
spokesperson told
Bitdefender.
“Following
a
thorough
investigation,
we
determined
that
no
sensitive
employee
data,
game
code,
or
player
data
was
accessed.”
Bitdefender
post
highlights
that
the
screenshots
shared
by
vx-underground
researchers
show
that
the
threat
actor
tried
to
phish
several
more
employees
who
were
not
tricked
into
providing
their
credentials.
“Unfortunately,
the
same
people
failed
to
inform
Activision’s
security
department
about
the
attempted
hack.”
states
the
post.
While
Activision
pointed
out
that
no
sensitive
employee
data,
game
code,
or
player
data
was
compromised
as
a
result
of
the
incident,
the
website
Insider
Gaming
reported
the
exposure
of
sensitive
employee
details.
The
availability
of
Activision
employees’
data
in
the
cybercrime
ecosystem
exposes
them
to
social
engineering
attacks.
Follow
me
on
Twitter:
@securityaffairs
and
Facebook
and
Mastodon
(SecurityAffairs –
hacking,
data
leak)
Share
On
About Author
