Platform · Gaming discussion and player support · Official game publisher community forum · Global
Ubisoft video game company community forum.
The Breach Risk Index (BRI) is a proprietary 0–100 score rating how dangerous a breach is right now, based on how recently the data has been circulating on the dark web and how valuable it is to attackers.
A dataset of approximately 90.9 million email addresses and passwords attributed to the Ubisoft community forums (forums.ubisoft.com), dated to 2014, circulates in breach catalogues. It is distinct from Ubisoft's July 2013 website breach (~58M accounts). Exposed data comprises email/password pairs usable for credential stuffing; no financial or identity data is indicated. The threat actor and exact intrusion method are not reliably established.
Full threat analysis, exploitation vectors, and principal guidance below.
10 additional sections · verified field analysis · defensive doctrine
90.9M records analyzed
Ubisoft is a major French video-game publisher (Assassin's Creed, Far Cry, Rainbow Six). This record concerns its community forums (forums.ubisoft.com), which maintained player account credentials separate from its game/uPlay account platform.
Official publisher forums collect user accounts, emails, support interactions, messages, and community participation tied to game support and player discussion.
Ubisoft experienced a separate, larger website breach in July 2013 (~58M accounts). The 2014 forum dataset (~90.9M email/password records) circulates in breach catalogues; Ubisoft has since consolidated accounts under Ubisoft Connect and enforced password resets across incidents.
The exposure of email addresses and passwords for a very large number of forum/player accounts primarily creates credential-stuffing and account-takeover risk where players reused passwords, plus gaming-themed phishing. No financial or identity documents were involved.
• Credential stuffing and account takeover against reused passwords | • Gaming-themed phishing using exposed email addresses | • Account-takeover of linked gaming/uPlay accounts where passwords were reused
A consumer-service breach: contact and account data supports phishing, account takeover and profile enrichment. For a high-profile principal the main risk is credible impersonation and enrichment of existing exposure.
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation