Activision acknowledged the breach only after researchers discussed it on Twitter, revealing that hackers had managed to steal the gaming giant’s sensitive documents.
Researchers have disclosed details of a data breach due to SMS phishing attack targeting the world’s prominent game publisher, Activision. According to VX-Underground researchers on Twitter, unidentified hackers managed to breach Activision’s security and steal internal company data.
There has been a recent rise in SMS phishing, also known as smishing, which is a form of social engineering attack in which an attacker sends a text message to a victim with the goal of tricking them into revealing sensitive information or downloading malware onto their device.
For example, Reddit, Coinbase, Zendesk, Twilio, DoorDash, and Namecheap, among several others, suffered SMS phishing attacks directed toward employees of these companies.
Incident Details
As for the cyber attack on Activision, threat actors accessed the game giant’s game release calendar and corporate Slack environment. The attackers stole sensitive workplace documents and content to be released in November 2023.
Activision had detected the breach, but they didn’t disclose it right away. VX-Underground was the first to break the news.
Activision Confirmed Data Breach
Activision has now confirmed that a data breach occurred in December of 2022 with the following statement:
“On December 4, 2022, our information security team swiftly addressed an SMS phishing attempt and quickly resolved it. Following a thorough investigation, we determined that no sensitive employee data, game code, or player data was accessed.”
Activision’s spokesperson stated that the company considers its data’s safety paramount and has “comprehensive information security protocols” in place to maintain data confidentiality.
How Did the Breach Occur?
The company revealed that threat actors had tried to phish several of its employees through an SMS-based phishing campaign. They received a message designed to be sent by the Activision Automated SMS Dispatcher. The email was titled “Employment Status: Under Review,” and they were urged to respond with a 2FA code.
One of the employees fell for the trap, while the others did not. The employee responded with the code, and the attackers gained access to their account. The other employees responded with curses, but they didn’t report the incident to Activision’s information security team, which is why the attackers could continue with the breach.
What was Data Stolen?
Attackers posted an objectionable message in the general Slack channel by exploiting a compromised account of a privileged user. On Sunday, VX-Underground published screenshots of the supposedly stolen from the game publisher.
According to the images, the attacker most likely accessed a schedule for the company’s content release dates for its popular game Call of Duty. Moreover, it is also claimed that the breached data includes plans for the release of Call of Duty 2023 and Call of Duty 2024.
In addition, sensitive employee data such as full names, phone numbers, email IDs, workplaces, and salaries were also compromised.
Recent Rise in SMS Phishing
Smishing attacks have increased in recent years as more people rely on their mobile phones for communication and daily activities. These attacks often appear to be from a legitimate source, such as a bank or a trusted service provider, and may include a link that, when clicked, leads the victim to a fake website designed to steal their login credentials or personal information.
To avoid falling victim to smishing attacks, employees must be trained, it is important to be cautious when receiving text messages from unknown or unexpected sources, and to never provide sensitive information in response to a text message.
Additionally, it is important to verify the authenticity of any links before clicking on them, and to install and maintain up-to-date anti-malware software on your device to help detect and prevent smishing attacks.
RELATED NEWS
- How to Teach Your Employees About Cybersecurity
- Geo Targetly URL Shortener Abused in Phishing Scam
- 4 Ways For Employees To Distinguish Phishing Attacks
- PayPal Scammers Abusing Invoices for Phishing Attacks
- Cybersecurity Training in Companies: The Only Way Out!