Rainbow Six Siege Servers Restored After Major Hack Floods Players with Billions in Credits
Ubisoft has restored servers for its blockbuster tactical shooter Rainbow Six Siege following a major security breach that flooded player accounts with billions of in-game credits and unleashed widespread chaos.
The incident, which struck on 27 December, saw hackers exploit a critical vulnerability – reportedly linked to exposed MongoDB databases (tracked as CVE-2025-14847, dubbed “MongoBleed”) – allowing unauthenticated attackers to manipulate game data remotely. Players across all platforms suddenly received approximately 2 billion R6 Credits each – the premium currency bought with real money and valued at around $13.3m (£9.9m) per account if purchased legitimately – alongside billions of in-game Renown.
Hackers also unlocked ultra-rare cosmetics, including developer-exclusive skins and limited-edition items like Glacier packs, while hijacking the game’s ban ticker to display troll messages. These included fake bans for Ubisoft staff labelled “for toxic behaviour” and other defamatory statements, with rumours circulating of up to five hacker groups claiming responsibility.
The breach triggered pandemonium. Logins revealed overflowing inventories: players snapped screenshots of their windfalls, frantically purchasing every cosmetic in the Marketplace – from weapon skins to operator bundles – before it was shuttered. “Why do I have 2.1 billion credits?” one Reddit user posted, capturing the disbelief rippling through communities. Others reported random bans and instant unbans, with the ban feed overwhelmed by hacker taunts. Excitement turned to frustration as servers went offline globally, leaving millions unable to play over the weekend.
To contain the damage, Ubisoft initiated a full database rollback – a process akin to rewinding a video recording of the game’s state. Teams restored servers to a verified snapshot from 10:49 UTC on 27 December (11:00 UTC in initial statements), erasing all transactions, credits, and changes made thereafter. This “point-in-time recovery” involved:
- Reverting inventories: Illegitimate credits, Renown, and purchases were wiped, restoring pre-exploit balances.
- Quality checks: Extensive testing, including a “soft launch” for select players, ensured account integrity before full reopening.
- Player impacts: Those who stayed offline during the incident see no changes. Affected accounts (a “small percentage”) may temporarily lose access to legitimate items, with manual fixes promised over the next fortnight. Crucially, no bans will be issued for spending glitch credits.
Servers relaunched on 29 December after live tests, though queues persist as capacity ramps up. The Marketplace remains closed “until further notice”.
Rainbow Six Siege, or R6, is a cornerstone for Ubisoft – makers of Assassin’s Creed and Far Cry – boasting a loyal player base and thriving esports scene. Free-to-play since 2023, it earns via cosmetics, making the exploit a direct hit to its economy.
Ubisoft has not confirmed the MongoDB link but acknowledged the “incident” in X posts from @Rainbow6Game, stressing that investigations are ongoing. No player data appears to have been compromised, though whispers of a 900GB leak and ransom demands remain unverified.
Author: George Nathan Dulnuan
