Activision had “No Intention” of Notifying Employees of Recent Hack

Activision had “No Intention” of Notifying Employees of Recent Hack

Activision, the game publisher behind popular titles such as Call of Duty and Diablo, has publically admitted to a systems breach that was kept from their employees.

The gaming giant revealed that a cybercriminal had managed to access its network in December of 2022 using, of all things, a malicious phishing text message sent to a staff member.

TechCrunch reports that Activision had no intention of apprising workers of the hack.  In fact, two current Activision employees report they still have yet to receive an official notification from the company about the incident.

“On December 4, 2022, our information security team swiftly addressed an SMS phishing attempt and quickly resolved it. Following a thorough investigation, we determined that no sensitive employee data, game code, or player data was accessed,” the gaming company told Bleeping Computer in a statement.

While Activision claims no “sensitive” data was stolen as a result of the incident, vx-underground, the malware analysis group who broke the news about the incident, states the hacker phished a “privileged user” on Activision’s network.  Then, according to Insider Gaming, the cybercriminals used that access to remove sensitive workplace documents containing information like employee email addresses, phone numbers, and salary data. A Call of Duty content schedule was also leaked as a result of the breach.

This is not the first time a large tech company like Activision has been hacked in a very basic way and dealt with it – or not, as the case may be – in a less than stellar fashion.  For example, a large phishing campaign penetrated the networks of dozens of major companies last year, despite the fact that the intrusion techniques used by the hacker were pretty basic in nature.  Reddit revealed that it’s been hacked by a basic phishing ploy as well.

The bottom line is that employees cannot protect themselves and their company from a threat they don’t know exists.  And finally, a word to the wise:  If you don’t know who sent you the message, don’t open the link.

 

From Gizmodo.com

The “aCropalypse” is here. Are your Photos Safe?

The “aCropalypse” is here. Are your Photos Safe?

Ransomware Gang claims Responsibility for Hack that Home Security Company Denies Happened

Ransomware Gang claims Responsibility for Hack that Home Security Company Denies Happened