Skip to content

Sensitive info of 19,444 Activision employees leaked on hacking forum

  • by
  • 2 min read

Following its disclosure of a data breach suffered back in December 2022, Activision’s lost employee data has now surfaced on a hacking forum. The leaked data includes names, phone numbers, job titles, locations and email addresses of 19,444 Activision employees being offered for free. 

The threat actor claims to have extracted the data from an Activision Azure database. This leak doesn’t seem to include any sensitive work documents or any upcoming content from the game development studio, as was previously suspected when Activision disclosed the breach. Regardless, this goes directly against Activision’s claims of no sensitive employee data, game code or player data being leaked. 

A spokesperson for the company addressed the breach as an “SMS phishing attempt” which was promptly addressed by their information security team. However, considering employee data has now been leaked, it opens up the possibility for employees to be targeted in social engineering attacks and we could also see game code leaks further down the road. 

Photo: Sergei Elagin/Shutterstock.com

This ‘attempt’ happened on December 4, 2022, according to the company. Security research group vx-underground found that the intruders had gained access to the Slack account of the targeted Activision employee on December 2 and tried to truck other employees using this access.

Moreover, Insider Gaming claims to have access to the entire leak and analysis reveals that the cache contains full names, email addresses, phone numbers, salaries, work locations and other employee details. Since the targeted employee worked in the HR department, they had access to sensitive employee information others wouldn’t have. 

The leaked game data seems to mostly revolve around the Call of Duty franchise at the moment and includes upcoming content bundles, release dates and DLCs for Call of Duty Modern Warfare II. The breach only seems to have affected content available for marketing and development environments are reportedly not affected. Finally, player and user data was also not affected. 

In the News: Google reveals 9 new features for Android and WearOS

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

>
Exit mobile version