After gaining access to some internal employee and game data, the hackers were able to publish a list of unreleased games on their website. This included games that belonged to both Activision Publishing, Inc. and its subsidiaries.
Activision’s security team initially believed that a hacker had gained access to the company’s internal messaging system and posted information about the data breach on Activision’s Slack channel. Upon closer inspection, it was determined that the data had actually been stolen from an employee’s personal computer, and was not leaked by a hacker.
Employees at Activision were not made aware of the data breach until after it went public. This lack of communication may have compromised the security of employees’ personal information.
The employees interviewed believe that their employer should have been more transparent about the breach, as involving employee data was a problem from the get-go. They feel that any information that could identify them personally should not have been released without explicit consent, and are concerned about how this might impact their careers moving forward.
It seems that Activision is not too pleased with 2016. The company’s spokesperson Joseph Christinat did not respond to a request for comment on the reports of layoffs, but it’s clear that the video game publisher is in some trouble. This comes just after Activision Blizzard reported lower-than-expected profits, and analysts blame weak sales
Since the breach was announced, various reports have surfaced questioning whether sensitive information such as salary data or credit card numbers were accessed. However, Activision has released a statement indicating that no employee data was accessed and that all game code and player data was not affected. This suggests that any concerns about fraud or identity theft could be alleviated by players simply changing their passwords.
The hacker or hackers were able to access a series of spreadsheets that included employee data such as full names, some telephone numbers, corporate email addresses, and in some cases, the offices where they work. It is possible that the attacker could have used this information to compromise the identities of these employees or hack into their companies’ systems.
Activision Blizzard is one of the largest video game publishers in the world, and Microsoft is acquiring it in a deal valued at $68.7 billion. The majority of Activision Blizzard’s customers are in the U.S., with Europe and the U.K. not being very big markets for video games. This acquisition has raised a lot of concerns among regulators, who believe that Microsoft will be able to dominate all aspects of gaming; from software to hardware to online services. There is still some way to go before this deal is completely finalized, so we’ll have to wait and see how things pan out
What Activision is doing here may violate the state’s data breach notification law. By notifying California residents sooner, they are likely falling short of the law’s requirements.
Personal information should be treated with care and privacy. Collecting personal information must be done in a way that is fair, transparent, and consent-based. Any collection or use of personal information should be reasonably necessary for the purposes for which it was collected.
The personal information of around 100 employees of TechCrunch was compromised in a data breach that occurred last year. According to the company, the data breach occurred on a non-work device and no Personally Identifiable Information (PII) was taken. TechCrunch is currently investigating the matter and is working to put measures in place to ensure that such an event does not occur again.