Ubisoft shut down Rainbow Six Siege servers worldwide after attackers hijacked backend systems and started dropping 2 billion R6 Credits into player accounts, a stash worth around $13.33 million at official pricing for each affected profile.
The breach that turned every lobby into a whale lobby
Reports began rolling in on December 27 that accounts across PC and console were suddenly showing 2,000,000,000 R6 Credits and Renown, access to developer-only skins, plus bans and unbans firing at random.
Attackers did not just tamper with balances. Coverage from multiple outlets describes control over moderation tools, including the power to ban or unban users and to inject custom messages into the in-game ban ticker, which Ubisoft had already disabled in a prior update.
Ubisoft, via the official Rainbow Six X account, chose restrained language. The company called it an “incident” that affected Siege and confirmed that teams were working on a fix while the server status page lit up with unplanned outages across all platforms.
“Nobody will be banned for spending credits received. A rollback of all transactions that occurred since 11 AM (UTC time) is underway.”
Rollback math and the hidden liability
The raw numbers look absurd on paper. Ubisoft sells 15,000 R6 Credits for $99.99 after a June 10 adjustment to pack sizes. At that rate, 2 billion credits map to roughly 133,333 of those packs, or about $13.33 million in store value per impacted account. Even if not every profile received the full amount, the theoretical liability on Ubisoft’s books dwarfs most NFT mints.
The problem runs deeper than cosmetics. Siege’s Marketplace lets players trade items for R6 Credits, which ties cosmetic prices to this premium balance. Flood that balance and you torch price discovery for skins and charms that sit at the center of a thriving grey market.
Ubisoft responded with hard intervention. The company confirmed that all in-game transactions after 11:00 UTC on December 27 will roll back. Players keep nothing they bought with the injected currency once the ledger reverts to that checkpoint, even if they sprinted through the store before servers went dark.
Servers crawl back, Marketplace stays frozen
Siege and its Marketplace went intentionally offline on December 27 while teams worked on the rollback, a step Ubisoft confirmed in a follow-up X post linked through a short URL.
By early December 29, Ubisoft started a soft relaunch. First a small subset of users regained access as live tests ran, then the game reopened to all players with long login queues as services ramped back up.
According to Ubisoft’s latest summary, players who never logged in during the exploit window should see no inventory changes. Those who did log in between December 27 and December 29 might temporarily lose access to some owned items while investigations continue over the next two weeks. The rollback is marked as complete. The Marketplace remains closed until further notice.
Centralized game money vs. crypto-grade finality
For crypto natives, the playbook feels familiar. Admins discovered a ledger distortion, froze the system, picked a safe checkpoint, and rewound history. Siege players just watched in-game balances, Marketplace trades, and unlocks revert to an earlier snapshot because the operator decided that was the cleanest path out.
That is the same pattern the Flow Foundation followed this weekend after an execution-layer exploit drained around $3.9 million from the Flow blockchain. Validators accepted a protocol fix that restores the network to a pre-exploit checkpoint and wipes all unauthorized transactions in that window from history.
The exploit pushed FLOW down about 40 percent intraday as traders processed the combination of a protocol flaw and a unilateral rollback, even though the team stressed that user balances before the attack remained untouched.
In Siege, there is no pretense of decentralization. Ubisoft owns the database and sets the rules, so a rollback is simply customer service at scale. For on-chain games and bridges that touch these closed economies, the lesson bites harder. Any tokenized claim on centralized game balances inherits platform risk from admins who can print currency, void trades, or rewind ledgers when a crisis lands.
The web2 gaming scare that crypto should study
Ubisoft’s promise not to ban players who spent the windfall credits does not change the core fact that a single backend flaw let unknown actors mint premium currency, touch ban systems, and spray rare items across one of the largest live-service shooters in the world. That is a stress test for every argument that premium game currencies behave like money but sit outside the scrutiny piled onto stablecoins and exchange balances.
Crypto builders now have two fresh case studies in one weekend. A centralized game economy that required a hard rollback after a $13.3 million-per-account glitch. And an L1 that chose a chain reset to reverse a $3.9 million exploit. The common thread is not just security. It is governance. Who holds the undo button when things go wrong, and how transparent they are when they press it.
