Today a e-mail request change my UBI password, is a true UBI mail?

[MOH_Hirth]

Dear Member,

We recently found that one of our Web sites was exploited to gain unauthorized access to some of our online systems. We instantly took steps to close off this access, investigate the incident and begin restoring the integrity of any compromised systems.

During this process, we learned that data had been illegally accessed from our account database, including user names, email addresses and encrypted passwords. Please note that no personal payment information is stored with Ubisoft, meaning your debit/credit card information was safe from this intrusion.

As a result, we are recommending that you change the password for your account: MOH_Hirth

To enter your new password, click the link below: https://secure.ubi.com/register/Rese...default%2Easpx

[PilotError]

I just got home from work and found the same email, and like you I wasn't sure if it was genuine or not.
So I went to the UBI forums and saw that the same message is the first thread at the top of the page.

So the message that the UBI database has been hacked seems to be genuine, but just to be on the safe side I used the links on the forum page to change my password rather than the links in the email.

[Racetrack]

Found the same!

[_1SMV_Gitano]

I received a couple of such emails in the last weeks... I have no clues about their origin.

[Pfeil]

Yes. Ubisoft was hacked (Joytiq article).

If you've received such an email, change all passwords related to ubisoft(Forums, UPlay). If you use the same password across multiple sites, change it as well, and use a unique password.

If you're using simple/non-unique passwords, I recommend using KeePass to make and keep track of complex, unique passwords.


I wouldn't rule out some spammer using this for spearphishing, so using the site itself rather than a link in the emails is a good idea.