Exploit: Credential Stuffing
Activision Blizzard: Video Game Developer
Risk to Small Business: 1.995 = Severe Cybersecurity researchers have uncovered the files for more than 500,000 accounts for the company’s Call of Duty franchise with login data compromised. The eSports site Dexerto reported that a data breach occurred on September 20 and that the credentials to access these accounts have been leaked publicly. Activision Blizzard is denying the incident, but many gaming and cybersecurity news outlets have reported evidence of the incident, including directly affected user records
Individual Risk: 1.965 = SevereCall of Duty account holders should monitor their account for unauthorized activity. No information has been reported on whether or not financial information or PII was included in this breach. Players should also be alert to potential spear phishing using this information.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Failing to acknowledge a data breach that’s widely reported and confirmed is not the way to start repairing your company’s reputation or your clients’ trust after an incident.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
