Ubisoft has revealed that a hack of its systems exposed user names, email addresses, and encrypted passwords, but not financial data.
The attackers exploited one of Ubisoft's websites "to gain unauthorized access to some of our online systems," the company wrote in a blog post. Ubisoft shut down the hackers' access, but discovered that they had infiltrated the company's account database.
"It's important to note that no personal payment information is stored with Ubisoft, so fortunately all credit/debit card information was safe from this intrusion," according to Ubisoft.
Ubisoft is recommending that all account holders change their passwords on ubi.com, as well as on other websites where they might have used the same password.
Although passwords were encrypted, they "could be cracked, in particular if the password chosen is weak. This is the reason we are recommending that our users change their password," Ubisoft said.
Ubisoft declined to go into specifics about the attack "for security reasons," but denied that it originated via any Uplay services.
The company has alerted the necessary authorities and said it taking steps to shore up its systems. But "no company or organization is completely immune to these kinds of criminal attacks," Ubisoft said. Access to Ubisoft games was not affected.
Ubisoft is one of several high-profile gaming firms that will be rolling out games for the upcoming Xbox One and PlayStation 4, including Watch Dogs, which ironically requires players to hack into various electronic systems.
In May, Ubisoft revealed that it worked with Kaspersky Lab to make sure the hacking in the game looked authentic.