Top 10 Biggest Hacks in Gaming History

In the middle of 2020, when we were all stuck inside our homes playing “Animal Crossing,” a multitude of users had their Nintendo Network ID accounts compromised. While Nintendo itself wasn’t hacked, 300,000 accounts had log-in information obtained through illegal methods. Hackers gained access to digital funds as well as personal information tied to those accounts. In response, Nintendo disabled the use of Nintendo Network IDs to sign in online. However, Nintendo did find itself the victim of a massive leak that very same year. Between July 2020 and July 2021, multiple sets of data, including game and console source code, were posted to 4chan. The leaks spanned multiple past consoles, reaching as far back as the SNES.

Ubisoft is a massive publisher, known for beloved franchises like “Assassin’s Creed” and “Far Cry.” But that just made it a bigger target when it was hacked in 2013. Ubisoft had one of its websites breached, an event that impacted a potential 58 million users. Thankfully, no payment information was kept on the site. However, the hackers had free rein when it came to user names, e-mail addresses, and encrypted passwords. Outside of advising users to change their passwords, Ubisoft didn’t offer much else information. Multiple security experts then called the company out, calling in to question how the company stored and secured user passwords. If 58 million people were possibly affected, they should probably give us more than that.

Hacker group LAPSUS$ made a big name for itself in early 2022. It stole around 1 terabyte worth of data from Nvidia, the largest microchip manufacturer in the U.S. Among the data stolen were employee passwords, firmware data, and code for the company’s DLSS. Deep Learning Super Sampling is a feature found in the company’s RTX graphics cards, which enhances graphical resolution and frame rates in PC games. Naturally, the impressive tech is something Nvidia would want to keep secret. However, LAPSUS$ got a bit overzealous, hacking other big companies like Microsoft and Samsung around the same time. As a result, multiple members were arrested not long after leaking Nvidia’s files online.

Due to a leak in 2020, Capcom fans know mostly what to expect from the publisher’s upcoming release schedule. The hackers gained access to around 350,000 pieces of information from past and current employees as well as shareholders. Luckily, no user payment info was compromised. However, the hackers also gained access to Capcom’s upcoming releases, which they leaked online when Capcom refused to bow to ransom demands. Many of these leaked projects have since been officially revealed by Capcom, including the highly anticipated remake of “Resident Evil 4” and a new entry in the “Street Fighter” series. Assuming there won’t be any delays, we can also expect a “Final Fight” remake and a new “Monster Hunter.”

In another failed attempt to ransom stolen data, hackers targeted Electronic Arts in 2021. Those responsible stole around 780 gigabytes worth of data. This included the source code for “Fifa 21” and the Frostbite Engine, which is used for the sports series and the “Battlefield” franchise, as well as other development tools. The group reportedly first tried to auction off the data to other known hackers for $28 million. When they didn’t get any bites, they then tried to extort EA. This didn’t prove fruitful either as EA refused to play ball. And so, everything was leaked online. Thankfully, no user information whatsoever was part of the 780 gigabytes. But it was still a pretty sizeable breach.

In early 2021, anonymous hackers targeted CD Projekt Red in a cyber attack, which saw them make off with a ton of important data. Documents from across the Polish studio’s many departments, including HR, Accounting, and Investor Relations were stolen, though thankfully no personal information for any employees or customers. However, the perpetrators did make off with a treasure trove of source code for “Cyberpunk 2077,” “Gwent,” and the original version of “The Witcher 3” as well as an unreleased version. Although it received a ransom note, CD Projekt Red refused to meet demands. The hackers then auctioned off their spoils, asking for a minimum of $1 million. All the studio could do was issue DMCAs when the code appeared online.

The Electronic Entertainment Expo has had a rough couple of years. While the debate continues about whether or not it should still exist, 2019 offered a huge piece of evidence for the latter. While everything else on our list was the result of a cyber attack, E3 took care of that bit itself. On the event’s official website, a link led to a spreadsheet holding the personal information of around 2,000 journalists and influences in attendance. The ESA never explained how this blunder could have happened, but some of the attendees were harassed and received death threats. What’s worse is that users were then able to uncover similar spreadsheets on past events. Oof.

With most of its games being online, and with how long Blizzard has been around, the studio has been hacked many times over the years. But in 2020, hackers decided to pile it on. In the span of one week, Blizzard was hit with 4 DDOS attacks. Distributed Denial Of Service attacks swarmed Blizzard’s Battle.net servers, making it so actual players couldn’t play their games. This was in March of 2020, mind you, at the onset of the pandemic when employees were trying to get used to working from home. Additionally, video games were a comfort for many of us when we were cut off from the outside world. Making it so players couldn’t access their favorite games was a real bad move.

Steam is a pretty fantastic service, but that doesn’t make it immune to cyber attacks. In 2011, Valve’s digital store was the victim of a massive hack. At first, Valve believed the group had only hacked one of Steam’s forums. Unfortunately, it then found they had gained access to a database holding user information. This included email addresses, passwords, billing addresses, and credit card information. At the time, the service had around 35 million users, though it’s unclear how many of those users were actually put at risk. Still, it goes to show you should immediately change your passwords and keep a close eye on card purchases if you ever get wind of events like these.

Where do we begin? The 2011 PSN Hack was so detrimental, we still get horrific flashbacks. The attack occurred in April, resulting in around 77 million accounts being compromised and online services for both the PS3 and PSP being unavailable. However, instead of notifying users of the attack, Sony took down online services for supposed maintenance. It wasn’t until well over a week later that Sony made the hack public knowledge, and it wasn’t until some time later when online services would be back. To appease players, Sony gave away some games across both platforms. Many felt this was a bandaid for a gunshot wound, and government bodies from around the world questioned and investigated Sony. Hopefully, we’ll never see anything like this again.