The company says that, after a post to Just Dance 2022 community forums, the “incident” was the result of a misconfiguration, when identified, that was quickly fixed, but made it possible for unauthorized people to access and possibly copy some personal player data.” Ubisoft says that exposed data includes “technical identifiers” such as “GamerTags, Profile IDs, Device IDs, as well as Just Dance videos that were recorded and uploaded and shared to play public with the in-game community and/or on social media profiles” The breach primarily affects public or semi-public information. But there’s a difference between what knowingly or not somebody shared a Just Dance video on social media, where they have more control over who can see their posts, and having that video exposed like this. “Our investigation hasn’t shown that any Ubisoft account information has been compromised since it was reported,” says Ubisoft. It claims a little about how it took all its proactive steps to protect our infrastructure in a future catastrophe. There is no question that someone called that bluff. ZDNet notes that Ubisoft has been targeted by attackers before. The company said that attackers gained access to data about 58 million Ubisoft accounts in 2013 and in 2020, the Egregor gang released a computer program that claims they were stealing data from the company’s servers. Ubisoft says that just Dance players who exposed their data will be notified by email about their exposure and “can follow up with our Support team for more information.”
