Key Findings

• Servers of Ubisoft's Rainbow Six Siege were compromised in a hacker attack

• Attackers infiltrated the servers and granted massive amounts of in-game currency and items to players

• This triggered Ubisoft's anti-cheat system, which began issuing account bans indiscriminately

• Even well-known players were caught up in the wave of suspensions

• Ubisoft is working to resolve the issue through data rollbacks and quality control testing

• The company cautioned that a full restoration could take an unspecified timeline

Background

Rainbow Six Siege is a popular online tactical shooter developed and published by Ubisoft. The game has a large and dedicated player base that engages in competitive multiplayer matches. Like many live service games, Rainbow Six Siege features an in-game economy where players can purchase virtual currency and items.

Server Compromise and Automated Account Bans

Unidentified hackers were able to gain unauthorized access to Ubisoft's servers hosting Rainbow Six Siege. Through unknown means, the attackers infiltrated the systems and indiscriminately credited massive amounts of in-game currency and items to a large number of player accounts.

This triggered Ubisoft's anti-cheat system, known as BattlEye, which automatically interpreted the sudden influx of currency and items as illicit activity. As a result, the system began issuing bans on a substantial number of player accounts, catching even well-known streamers and competitive players in the crossfire.

Ubisoft's Response and Ongoing Restoration

Upon realizing the scale of the incident, Ubisoft moved swiftly to address the breach. The company temporarily took the Rainbow Six Siege servers offline for maintenance and security checks. Ubisoft's human moderation teams then worked to identify the root cause of the issue and began the process of lifting bans on affected accounts.

In an official statement, Ubisoft stated that any abnormal currency and items added during the incident would be removed through data rollbacks. The company also committed to conducting comprehensive quality control testing to ensure account integrity and the validity of all changes made.

However, Ubisoft cautioned that the scale and complexity of the work involved meant that a specific timeline for full restoration could not be guaranteed. The company's official game status page currently indicates that Rainbow Six Siege is undergoing unplanned maintenance across all platforms, leaving players with no choice but to wait for the rollback process to be completed.

Ongoing Investigation and Unanswered Questions

The identity and motives of the perpetrators behind the hacker attack remain unknown at this time. Typically, cybercriminals seek financial gain through data theft and extortion, making attacks that simply inflate player accounts with currency and items exceedingly rare.

It is unclear whether a monetary motive was involved in this incident or if the hackers had some other objective. Ubisoft has not provided any additional details about the investigation or the specific vulnerabilities exploited in the attack.

As the company works to restore the integrity of the Rainbow Six Siege ecosystem, players affected by the incident will be eagerly awaiting updates and a resolution to the situation.

Sources

• https://securityonline.info/the-339-trillion-glitch-ubisoft-loses-control-of-rainbow-six-siege-in-massive-breach/

• https://www.reddit.com/r/ubisoft/rising/