Tech

Hacker Breaches Activision Slack, Steals Call of Duty Info

Activision

A hacker managed to break into a Slack channel of gaming publishing giant Activision, post offensive messages from the targeted account, and steal information related to upcoming Call of Duty releases, according to screenshots posted online by cybersecurity collective VX-Underground.

In one screenshot of a Slack room called “#general,” a message posted through the compromised account reads “i touch children.” Other screenshots show the planned release dates for upcoming seasons of Call of Duty content.

Videos by VICE

The hack appears to have happened through social engineering, with the hacker tricking an employee into providing an SMS-delivered two-factor authentication code. In one screenshot, a message reads “Activision Automated SMS Dispatcher,” and “Note: Please respond with the 2fa code sent.” The worker then responds with a six digit code, according to the screenshot.

Do you know about any other hacks of video game companies? We’d love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, or email joseph.cox@vice.com.

Activision told Motherboard in a statement that “The security of our data is paramount, and we have comprehensive information security protocols in place to ensure its confidentiality. On December 4, 2022, our information security team swiftly addressed an SMS phishing attempt and quickly resolved it.”

“Following a thorough investigation, we determined that no sensitive employee data, game code, or player data was accessed,” the statement added. Activision did not respond when asked specifically about the data that the hacker seemingly did access, such as the Call of Duty scheduling.

Subscribe to our cybersecurity podcast, CYBER. Subscribe to our new Twitch channel.