Activision Blizzard, the maker of popular games such as Call of Duty and Candy Crush, has reportedly suffered a data breach resulting in employee data, including contact and financial information, being leaked online.
Content plans for Call of Duty were also stolen in the breach.
When reached for comment, Activision spokesperson Joseph Christinat told TechCrunch that the company's security team "swiftly addressed an SMS phishing attempt and quickly resolved it" on December 4, 2022.
"No sensitive employee data, game code, or player data was accessed," Christinat said.
Also Read | UK’s competition authority says Microsoft Activision deal will harm gamers
The statement contradicted twitter user @vxunderground. The user claimed that the unknown hackers managed to get into the system by successfully phishing "a privileged user on the network" and stole "sensitive work place documents" and scheduled content plans for their games, "dating to November 17th, 2023".
.@Activision was breached December 4th, 2022. The Threat Actors successfully phished a privileged user on the network. They exfiltrated sensitive work place documents as well as scheduled to be released content dating to November 17th, 2023.Activision did not tell anyone. pic.twitter.com/urD64iIlC5
— vx-underground (@vxunderground) February 20, 2023
Also Read | Activision Blizzard CEO Bobby Kotick calls Sony out, says company is 'trying to sabotage' Microsoft takeover
Activision not only hid the breach until the tweets were posted online, it also didn't alert employees.
Speaking to TechCrunch, two employees said the staff were not allowed to interact with the press and information on whether their data was accessed was not disclosed.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
