Huge Rainbow Six Siege breach provides gamers billions of credit

Ubisoft’s Rainbow Six Siege (R6) suffered a breach that allowed hackers to abuse inner programs to ban and unban gamers, manipulate in-game moderation feeds, and grant huge quantities of in-game foreign money and beauty gadgets to accounts worldwide.

Based on a number of participant stories and in-game screenshots shared on-line, the attackers had been capable of:

• Ban/unban Rainbow Six Siege gamers
• Show pretend ban messages on the ban ticker.
• Grant all gamers roughly 2 billion R6 Credit and Renown
• Unlock each beauty merchandise within the recreation, together with developer-only skins

R6 Credit are a premium in-game foreign money bought for actual cash on Ubisoft’s retailer. Based mostly on Ubisoft’s pricing, 15,000 R6 Credit price $99.99, inserting the worth of two billion credit at roughly $13.33 million value of in-game foreign money distributed free of charge.

At 9:10 AM on Saturday, the official Rainbow Six Siege account on X confirmed the incident, stating that Ubisoft was conscious of a problem affecting the sport and that groups had been working to resolve it.

Shortly afterward, Ubisoft deliberately shut down Rainbow Six Siege and its in-game Market, stating they had been nonetheless engaged on the problem.

“Siege and the Market have been deliberately shut down whereas the staff focuses on resolving the problem,” reads a submit on X.

In a closing replace, Ubisoft clarified that gamers wouldn’t be punished for spending the granted credit, however that it could be rolling again all transactions made since 11:00 AM UTC.

The corporate additionally acknowledged that Ubisoft didn’t generate the messages seen within the ban ticker and that the ticker had been disabled beforehand.

Ubisoft stated it was persevering with to work towards absolutely restoring the sport, however the servers stay down right now.

Right now, Ubisoft has not launched a proper assertion relating to the incident and has not responded to emails from BleepingComputer requesting particulars on how the breach occurred.

If in case you have any info relating to this incident or another undisclosed assaults, you possibly can contact us confidentially through Sign at 646-961-3731 or at ideas@bleepingcomputer.com.

Rumors of a bigger breach

Unverified claims state {that a} a lot bigger breach occurred inside Ubisoft’s infrastructure.

Based on security analysis group VX-Underground, menace actors claimed to have breached Ubisoft’s servers utilizing a lately disclosed MongoDB vulnerability dubbed “MongoBleed.”

Tracked as CVE-2025-14847, the flaw permits unauthenticated distant attackers to leak the reminiscence of uncovered MongoDB situations, exposing credentials and authentication keys. A public PoC exploit has already been launched that searches for secrets and techniques in uncovered MongoDB servers.

VX-Underground stories that a number of unrelated menace teams could have focused Ubisoft:

• One group claims to have exploited a Rainbow Six Siege service to govern bans and in-game stock with out accessing person information.
• A second group allegedly exploited a MongoDB occasion utilizing MongoBleed to pivot into Ubisoft’s inner Git repositories, claiming to steal a big archive of inner supply code from the Nineties to the current.
• A 3rd group claims to have stolen Ubisoft person information through MongoBleed and is making an attempt to extort the corporate into paying a ransom.
• A fourth group disputes a few of these claims, stating that the second group had entry to Ubisoft’s supply code for some time.

BleepingComputer has not been capable of independently confirm any of those claims, together with whether or not MongoBleed was exploited, whether or not inner supply code was accessed, or whether or not buyer information was stolen.

Right now, we solely know that Ubisoft has confirmed the in-game abuse in Rainbow Six Siege, and there’s no public proof of a bigger breach.

BleepingComputer will replace this story if Ubisoft gives further particulars or if we be taught extra about these different claims.