Skip to content

Sensitive info of 19,444 Activision employees leaked on hacking forum

  • by
  • 2 min read

Following its disclosure of a data breach suffered back in December 2022, Activision’s lost employee data has now surfaced on a hacking forum. The leaked data includes names, phone numbers, job titles, locations and email addresses of 19,444 Activision employees being offered for free. 

The threat actor claims to have extracted the data from an Activision Azure database. This leak doesn’t seem to include any sensitive work documents or any upcoming content from the game development studio, as was previously suspected when Activision disclosed the breach. Regardless, this goes directly against Activision’s claims of no sensitive employee data, game code or player data being leaked. 

A spokesperson for the company addressed the breach as an “SMS phishing attempt” which was promptly addressed by their information security team. However, considering employee data has now been leaked, it opens up the possibility for employees to be targeted in social engineering attacks and we could also see game code leaks further down the road. 

Photo: sergei elagin/shutterstock. Com
Photo: Sergei Elagin/Shutterstock.com

This ‘attempt’ happened on December 4, 2022, according to the company. Security research group vx-underground found that the intruders had gained access to the Slack account of the targeted Activision employee on December 2 and tried to truck other employees using this access.

Moreover, Insider Gaming claims to have access to the entire leak and analysis reveals that the cache contains full names, email addresses, phone numbers, salaries, work locations and other employee details. Since the targeted employee worked in the HR department, they had access to sensitive employee information others wouldn’t have. 

The leaked game data seems to mostly revolve around the Call of Duty franchise at the moment and includes upcoming content bundles, release dates and DLCs for Call of Duty Modern Warfare II. The breach only seems to have affected content available for marketing and development environments are reportedly not affected. Finally, player and user data was also not affected. 

In the News: Google reveals 9 new features for Android and WearOS

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

Related Reads

This is an image of cyber security hacked breach

Case study reveals Chinese hackers spent over 300 days in US electricity grid

This is an image of iphone with apple logo

Match Group, AIDF denied Apple’s confidential antitrust data

Photo: ascannio / shutterstock. Com

X’s outage can’t be traced by researchers and Musk alike

This is an image of malware featured security

DPRK’s KoSpy spyware targets SK, India, Russia, and Middle East

This is an image of honey featured 1

Google updates Chrome Extension policy after Honey scam

This is an image of apple featured 220923

Apple patches critical zero-day exploit targeting iPhones and iPads

>