In one of the most severe security breaches in live-service gaming history, Ubisoft has been forced to take all Rainbow Six Siege servers and its in-game Marketplace offline as of December 27, 2025. The intentional shutdown comes after hackers gained administrative access to the game’s backend, causing widespread chaos across PC, PlayStation, and Xbox platforms.

Billions in Free Credits and Random Bans

The breach manifested in a highly visible way for players. On Saturday morning, thousands of users logged in to find 2 billion R6 Credits worth approximately $13.33 million in real-world currency—suddenly added to their accounts.

Beyond the currency injection, the attackers were able to:

  • Unlock all in-game cosmetics, including ultra-rare "Dev" skins.

  • Manipulate the global ban ticker with custom messages.

  • Trigger automatic account bans for innocent players while unbanning known cheaters.

The Technical Vulnerability

Security research groups, including VX-Underground, suggest the intrusion may have leveraged a recently disclosed MongoDB vulnerability known as "MongoBleed" (CVE-2025-14847). This flaw allowed attackers to leak memory from exposed database instances, potentially giving them the credentials needed to access Ubisoft's internal infrastructure tools.

Ubisoft's Response: The Great Rollback

Ubisoft acknowledged the "unplanned outage" and confirmed that they are working to secure the infrastructure. To fix the economy and account statuses, a full rollback of all transactions made after 11:00 AM UTC on Saturday has been initiated.

Critically, the development team has assured the community that no players will be penalized for spending the hacked credits they received. However, servers remain offline with no confirmed ETA for restoration, as teams audit the source code and security protocols following claims that internal source code was also stolen during the attack.

Tags
Rainbow Six Siege hack R6 credits breach Siege rollback December 2025 hacker attack Rainbow Six Siege