Gio

Dr Doofenshmirtz whenever Perry the Platypus pulls up

The exploit? Old school kids'll know, but text messages used to be 140 characters per text, regardless of whether you sent 1 character or all 140. You'd get charged for that 140 character block. Imagine sending a text with just 10 characters, but those 10 characters are absolute garbage. Your network carrier goes "hey, these 140 characters you sent aren't legit, here's what you sent so you can see what's wrong". But you didn't send 140. You sent 10. The carrier just assumed you'd sent 140. What the carrier then does is take 130 characters it had stored in memory FROM OTHER TEXT MESSAGES and returns them to you. Those 130 characters could contain passwords, access tokens - anything. The exploit is actually the sender saying "hey I'm sending you 1MB of data" but only sending 10Kb for example", but kept it simple above for ease of reading. Ubi were just the unfortunate large company to be the first to fall to it. Wouldn't shock me if others have too...

A rollback is currently ongoing and afterwards, extensive quality control tests will be executed to ensure the integrity of accounts and effectiveness of changes. The team is focused on getting players back into the game as quickly as possible. Please know that this matter is being handled with extreme care and therefore, timing cannot be guaranteed. We will provide another update as soon as we know more. Thank you all for your patience and understanding as we continue to tackle this.