Highlights
- Ubisoft shut down Rainbow Six Siege servers worldwide after a major backend security breach.
- Hackers injected about 2B R6 Credits per player and unlocked all in-game items.
- Player data is being rolled back, with full service restoration still in progress.
Ubisoft has shut down servers and the in-game marketplace for Tom Clancy's Rainbow Six Siege after a major security breach allowed attackers to manipulate core backend systems. According to the official Rainbow Six Siege X (formerly Twitter) handle, the incident began early Saturday, Dec. 27, forcing the live service offline across PC, PlayStation, and Xbox.
The attackers gained broad control over game systems, enabling them to unlock all in-game items, issue bans and unbans, inject custom messages into the ban feed, and credit every player with roughly 2B R6 Credits and Renown.
Ubisoft sells R6 Credits directly, pricing 15,000 credits at $99.99 USD, which places the injected currency at an estimated value of about $13.33M.
Ubisoft confirmed that players will not be punished for spending any credits received during the breach. However, to protect the in-game economy, the company is rolling back all transactions made after 11:00 am UTC on 27 Dec. 2025. At the time of writing, full-service restoration had not yet been completed.
Rainbow Six Siege Rollback Underway as Ubisoft Restores Service
In a post on X (formerly Twitter) on Dec. 28, Ubisoft said the rollback process is underway and is being handled carefully, followed by extensive quality control checks to ensure account accuracy. Due to this process, the company said it cannot guarantee when servers will be fully restored.
On Dec 29, Ubisoft announced that Rainbow Six Siege is reopening to players as rollbacks progress. Some users, who connected after 10:49 UTC on Dec 27, may temporarily be missing owned items, which Ubisoft stated it will investigate and correct over the next two weeks. The official service status page continues to list the outage as unplanned, with access still being restored.
Security researchers and community reports suggest the attackers achieved deep access to backend systems, possibly through abused application programming interfaces with weak authorization checks. Ubisoft has not confirmed the cause.
The incident highlights the risks facing large live-service games, where backend breaches can disrupt economies, player trust, and global access at scale.
