Nikolas Sargeant
French video gaming giant Ubisoft has been forced to suspend live services for Rainbow Six Siege after hackers breached the game's systems and distributed 2 billion in-game credits to every player, triggering an emergency shutdown and extensive rollback operation.
The exploit was initially confirmed by the development team via X on December 27, with a series of updates following that ultimately led to suspension of the game's servers and marketplace the following day. The breach represents one of the most significant compromises of a major gaming platform's economy in recent years.
Reports from players on social media indicate hackers gained control of major portions of the game's online systems, with players logging in to discover they had received 2 billion R6 credits alongside rare items including exclusive skins and weapons. The hackers also obtained control of the game's messaging and banning systems, according to screenshots shared by affected players.
With the game selling 15,000 R6 credits for $99.99, players would need to spend approximately $13.33 million to legitimately accumulate 2 billion credits through standard purchases. The massive credit distribution effectively flooded the game's economy with currency worth billions of dollars in aggregate if purchased through official channels.
In an X post on December 28, the Rainbow Six Siege team announced it was implementing a reversal of in-game credits received after 11 AM UTC. "A rollback is currently ongoing and afterwards, extensive quality control tests will be executed to ensure the integrity of accounts and effectiveness of changes," the team stated.
"Please know that this matter is being handled with extreme care and therefore, timing cannot be guaranteed. We will provide another update as soon as we know more," the development team added, emphasizing the complexity of the restoration process.
The team clarified that players will not face bans for spending any of the credits they received during the breach, acknowledging that users had no control over the unauthorized distributions and should not be penalized for the security failure.
The game is currently undergoing soft-launch testing with a limited number of players as Ubisoft works to restore normal operations. "Opening the game to a small number of players only, while we complete live tests. More information on the rollback and full live relaunch to come," the team announced on X.
Rainbow Six is a major franchise within Ubisoft's portfolio, with the Siege title maintaining a daily average of over 34,000 active players in December according to data from Active Player. The game's sustained player base makes the breach particularly significant, as the economic disruption affects tens of thousands of active accounts.
The incident highlights ongoing security vulnerabilities in online gaming economies, which have become increasingly attractive targets for malicious actors. In-game currencies and virtual items represent real monetary value through both official purchase channels and unofficial secondary markets, making breaches potentially lucrative for attackers.
Video game modifications have also emerged as vectors for cryptocurrency-related malware. Security firm Kaspersky recently identified a new "Stealka" cryptocurrency information stealer spreading through game modifications, demonstrating the intersection between gaming platforms and digital asset security threats.
The Rainbow Six Siege breach follows a pattern of escalating attacks on gaming infrastructure, though the scale of credit distribution in this case appears unprecedented among major titles. The hackers' ability to manipulate core game systems including messaging and moderation tools suggests a sophisticated compromise extending beyond simple economic exploits.
Ubisoft has not disclosed technical details about how the breach occurred or what security measures failed to prevent the unauthorized access. The company's response has focused on restoration efforts rather than attribution or explanation of the vulnerability exploited.
