Video game developer Activision has been impacted by a data breach in December following the compromise of its internal systems via an SMS phishing attack, according to BleepingComputer.
While no sensitive employee information, game code, or player data were affected by the incident, threat actors were able to exfiltrate sensitive workplace documents and the company's content release schedule until Nov. 17, 2023, said vx-underground, which noted that Activision did not inform anyone regarding the intrusion until this week.
Attackers were noted by vx-underground to have infiltrated an Activision employee's Slack account to conduct further attacks on other employees.
Further analysis of the compromised data by video game publication Insider Gaming showed that the stolen cache contains employees' full names, phone numbers, email addresses, salaries, work locations, and other information.
Such an attack also involved the targeting of an employee from Activision's human resources department, who had extensive access to employee data.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news