Ubisoft Confirms Rainbow Six Siege Server Breach Linked to MongoBleed Vulnerability

Ubisoft experienced a critical security incident today as threat actors exploited the MongoBleed vulnerability to compromise Rainbow Six Siege servers, triggering widespread account tampering, in-game currency fraud, and data exfiltration affecting millions of players globally.

Field	Details
CVE ID	CVE-2025-14847
Vulnerability Name	MongoBleed
Affected Component	MongoDB Databases
Attack Vector	Network-based, unauthenticated
Severity	Critical
Impact	Arbitrary data read, memory disclosure
Exploitation Method	Malformed compressed packets bypass authentication

Players worldwide reported extraordinary account modifications beginning early today. Thousands discovered their accounts credited with millions of R6 Credits and Renown, while exclusive cosmetics normally locked behind paywalls were unlocked across random user accounts.

The fabricated in-game currency disruption totaled approximately $339.96 trillion in virtual assets.

The attackers escalated by weaponizing Rainbow Six’s anti-cheat ban system, targeting high-profile accounts including Ubisoft administrators and prominent streamers.

https://twitter.com/IntCyberDigest/status/2004968894725865655?ref_src=twsrc%5Etfw

Cryptic messages appeared through sequential bot account bans, reading “What else are they hiding from us?” using the ban notification system as an unconventional communication channel.

https://twitter.com/Pirat_Nation/status/2004901721336590703?ref_src=twsrc%5Etfw

Multiple Threat Groups Involved

Security analysis confirms three distinct threat actors exploited MongoBleed. The First Group orchestrated the visible in-game assault, while a separate threat actor exfiltrated approximately 900GB of sensitive data including source code, software development kits (SDKs), and multiplayer infrastructure spanning from the 1990s to present.

A third group claimed unauthorized access to user databases and attempted extortion via Telegram, demanding cryptocurrency.

Ubisoft confirmed the breach in an official statement as servers entered offline maintenance for unannounced repairs. Security experts strongly recommend players avoid logging into Ubisoft Connect until server integrity verification completes.

The publisher plans a comprehensive data rollback to restore accounts to pre-incident states a necessary measure to mitigate economic damage despite disrupting legitimate weekend progression.

This incident underscores the critical importance of immediately patching high-severity database vulnerabilities.

The intellectual property loss could enable cheat development and reverse engineering of Ubisoft’s game engines for years, representing a catastrophic setback for the publisher’s security posture.

Follow us on Google News , LinkedIn and X to Get More Instant Updates. Set Cyber Press as a Preferred Source in Google.

The post Ubisoft Confirms Rainbow Six Siege Server Breach Linked to MongoBleed Vulnerability appeared first on Cyber Security News.