Activision Details
Activision
Santa Monica, CA • 17000 employees • Arts, Entertainment, and Recreation
Industry
Arts, Entertainment, and Recreation
Security Incidents
1
Security Incidents
Activision Breach of Dec 2022
Despite initial claims by Activision that no sensitiv...
Show more
Given the breach involved sensitive employee data...
Show more
Despite initial denials of significant data exposure, further analysis by cybersecurity researchers revealed that the attackers accessed an HR employee's Slack account, granting them a broader scop...
Show more
Severity Score
Significant to High
Type
Phishing AttackSummary
In December 2022, video game publisher Activision experienced a data breach due to an SMS phishing attack targeting one of its employees. The attacker gained access to sensitive employee information, including full names, email addresses, phone numbers, salaries, and work locations. Additionally, future content plans for the Call of Duty Modern Warfare II franchise were accessed. The extent of the breach came to light in February 2023 when cybersecurity group vx-underground shared screenshots of the stolen data and internal Slack messages.Despite initial claims by Activision that no sensitiv...
Show more
Severity
In December 2022, Activision faced a cyberattack where hackers used an SMS phishing technique to gain access to the company's internal network. The attacker compromised an HR employee's account, resulting in the exfiltration of sensitive workplace documents, including full names, email addresses, phone numbers, salaries, and work locations of employees. While Activision claimed that no game source code or player data was breached, the leak did include content release schedules and potentially exposed internal communication channels like Slack.Given the breach involved sensitive employee data...
Show more
Impact
The social engineering attack on Activision in December 2022 involved phishing employees via SMS to gain access to the company's network. This breach resulted in the exposure of sensitive employee data, including full names, email addresses, phone numbers, salaries, and work locations. However, game source code, player data, and critical game development information were reportedly not compromised.Despite initial denials of significant data exposure, further analysis by cybersecurity researchers revealed that the attackers accessed an HR employee's Slack account, granting them a broader scop...
Show more
KEEP YOUR ENVIRONMENT SECURE
Weak credentials are the leading cause of breaches. Beyond Identity can help.
See MFA exploits in action
Watch how adversaries exploit companies in quick videos