Activision employees reportedly found out about data breach on social media

Activision did not notify affected employees.

Activision Blizzard logo
Image via Activision

Months ago, hackers successfully infiltrated Activision Blizzard data when an employee was phished, revealing some information about internal employee and game data, according to a report from TechCrunch.

Recommended Videos

The breach occurred on Dec. 4, but the company reportedly did not notify its employees about it until last weekend. In fact, employees were allegedly made aware of the breach when a Twitter account belonging to vx-underground published the breach. Activision did not tell anyone about the breach, vx-underground claims.

The information extracted from the breach contained “sensitive workplace documents as well as scheduled to be released content” up to Nov. 17. Whoever hacked Activision also tried to hack other employees but did not succeed. Documents that were reportedly stolen include employee data such as full names, telephone numbers, email addresses, and some employees had information stolen about which office they worked in.

Employees claim they found out through the Twitter account that found the hack, and they are not pleased that the company didn’t say anything about it. Since the breach occurred on Dec. 4, employees are reporting that they have not heard any news from official channels from their employer.

“This is a problem. If there is employee’s information involved, they should have disclosed the breach,” an anonymous Activision employee told TechCrunch.

Although the vx-underground tweet gave some information about what was gleaned from the breach, Activision has not told employees exactly what information was compromised and whether any of the employees’ personal data has been distributed. Those that work for the company are understandably not pleased.

There has been no official statement made by Activision yet other than a company spokesperson saying that Activision “quickly resolved” a phishing attempt on Dec. 4 and subsequently concluded no sensitive employee data, game code, or player data was accessed.” California laws state that a breach must be disclosed in a timely manner to victims when 500 or more of the state’s residents have been affected.

Author
Image of Jessica Scharnagle
Jessica Scharnagle
Jessica has been an esports and gaming journalist for just over five years. She also teaches esports journalism at Rowan University. Follow her for all things gaming, @JessScharnagle on Twitter.