Ubisoft's Uplay service, the system housing customer data, is never mentioned specifically. Last year, a browser exploit was identified with the Uplay plug-in that endangered users by allowing certain malicious websites access to player computers.
Ubisoft introduced Uplay back in 2009 as a cross-game interface allowing for digital distribution and social services across Ubisoft games. In February, Ubisoft added third-party games from studios including EA, Warner Bros. and Focus Home Interactive.
Update: A Ubisoft representative reached out to say, "The attack did not originate via any Uplay services, the intrusion targeted some of our internal online systems." We've altered the story to reflect this.
During this process, we learned that data were illegally accessed from our account database, including user names, email addresses and encrypted passwords. No personal payment information is stored with Ubisoft, meaning debit/credit card information was safe from this intrusion. Out of an abundance of caution, we are recommending all our users change their passwords. We sincerely apologize to them for any inconvenience. Additional information is available here.
Ubisoft's security teams are constantly exploring all available means to expand and strengthen our security measures against such criminal activities in order to better protect our customers.
We sincerely apologize for any inconvenience and thank you for your understanding.