High | Incident

Rainbow Six Siege servers shut down after 2B credit hack

Ubisoft shut down Rainbow Six Siege and its Marketplace after attackers gained unusual control over game systems, from ban ticker messages to mass credit grants. Players reported receiving around 2 billion R6 Credits and Renown, forcing Ubisoft to plan a rollback of transactions. Separate claims suggest a broader intrusion tied to the MongoDB “MongoBleed” flaw, but those allegations remain unverified.

Evan Mael

Rainbow Six Siege Hack Forces Ubisoft Server Shutdown

On December 27, 2025, Ubisoft pulled Rainbow Six Siege offline after an incident that went beyond ordinary cheating: attackers appeared to gain administrative-style control over multiple game functions, including bans, visible system messaging, and inventory-related actions. The most disruptive outcome was economic - players suddenly received roughly 2 billion R6 Credits and Renown - prompting Ubisoft to start rolling back transactions to contain the damage.

What happened

Reports from players and multiple newsrooms describe a short but highly visible takeover of internal game systems. Attackers reportedly:

  • pushed fake ban ticker messages and manipulated the ban/unban flow
  • unlocked cosmetic content, including items normally restricted to developers
  • granted players approximately 2 billion R6 Credits and Renown

Ubisoft acknowledged the incident publicly and intentionally shut down both Siege and its in-game Marketplace while working on remediation. The company also communicated that it would not punish players for spending the granted credits, but it would roll back transactions made after 11:00 UTC on December 27 to limit further abuse.

Why the credit giveaway matters

R6 Credits are sold for real money, so mass grants are not just a gameplay issue - they create direct financial and reputational exposure for a live-service title. Multiple outlets highlighted Ubisoft’s store pricing (15,000 R6 Credits for $99.99), putting the implied value of a 2-billion-credit grant at about $13.33 million (as a notional equivalence, not a cash payout).

What’s confirmed vs. what’s alleged

Confirmed (high confidence):

  • In-game abuse occurred (credits/renown grants, ban ticker manipulation, content unlocking).
  • Ubisoft shut down the game and Marketplace and initiated a rollback window starting from December 27, 11:00 UTC.

Unverified claims (treat as allegations):

Security community reporting amplified claims that the visible game incident may be only one part of a broader intrusion. VX-Underground relayed multiple actor claims, including possible access to internal repositories and potential user-data theft - however, reporting emphasized that these assertions have not been independently confirmed.

Where “MongoBleed” fits in

Some of the broader-breach claims point to a [MongoDB](https://anavem.com/cybersecurity/mongobleed-mongodb-cve-2025-14847-active-exploitation) vulnerability nicknamed MongoBleed (CVE-2025-14847). Security research write-ups describe it as an unauthenticated memory disclosure issue that can leak sensitive data from MongoDB server memory under certain conditions, particularly involving Zlib-compressed network message handling.

Two points matter for readers:

  1. Even if MongoBleed is real and actively discussed in the security community, it does not prove it was used in this Ubisoft case.
  2. If a company’s MongoDB instances were exposed and vulnerable, memory disclosure can leak secrets (credentials, tokens, keys), which can enable deeper compromise after the initial foothold.

BleepingComputer framed the MongoBleed-to-Ubisoft linkage as rumor/claim-driven at the time of publication, with the only hard-confirmed facts centered on the in-game abuse.

Who is affected and what players should do now

Ubisoft has not publicly confirmed that Ubisoft account credentials or personal data were accessed as part of this incident, so user actions should be framed as precautionary hygiene rather than breach-response certainty. Still, high-visibility incidents tend to trigger phishing and credential-stuffing attempts.

Recommended steps:

  • Enable MFA on your Ubisoft account (if available) and ensure recovery options are current.
  • Change your password if you reuse it elsewhere, and use a unique password for Ubisoft going forward.
  • Watch for phishing that references “compensation,” “rollback,” or “free credits,” especially links that ask you to sign in.
  • Monitor in-game inventory and purchases once services stabilize, particularly if you traded items via the Marketplace before the rollback window.

Key figures

| Figure | Context |
| --- | --- |
| ~2 billion | R6 Credits and Renown reportedly granted to players during the incident |
| $99.99 | Ubisoft store price referenced for 15,000 R6 Credits |
| 11:00 UTC (Dec 27, 2025) | Ubisoft rollback cutoff time for transactions |
| Dec 27 - 28, 2025 | Public reporting window as Ubisoft took services offline and investigated |

Frequently Asked Questions

Ubisoft’s public messaging indicated players would not be punished for spending the granted credits, but transactions after the rollback cutoff would be reversed.

At the time of reporting, there was no independently confirmed public evidence of user-data theft connected to this incident. Some groups claimed broader access and possible exfiltration, but outlets described those claims as unverified.

MongoBleed (CVE-2025-14847) is described by security researchers as an unauthenticated memory leak that can expose secrets from server memory. For defenders, that typically means urgent patching or mitigation plus credential rotation where exposure is plausible.
