Crytek
Company Details
Linkedin ID:
crytek
Website:
Employees number:
497
Number of followers:
77,031
NAICS:
51126
Industry Type:
Homepage:
crytek.com
IP Addresses:
0
Company ID:
CRY_1287180
Scan Status:
In-progress
Crytek Company CyberSecurity Posture
crytek.com
Crytek is an independent videogame developer, publisher, and technology provider dedicated to pushing the boundaries of gaming with its cutting-edge 3D game development solution CRYENGINE. With headquarters in Frankfurt am Main (Germany) and studios in Kiev (Ukraine), and Istanbul (Turkey), Crytek has created multiple award-winning titles, including the original Far Cry, the Crysis series, Ryse: Son of Rome, Warface, The Climb, Robinson: The Journey and Hunt: Showdown. Crytek delivers fun and innovative gaming experiences for PC, consoles, and VR and continues to grow its reach in the games-as-a-service market. Every Crytek game is created with CRYENGINE, which can be used by anyone to create games. For more information visit www.crytek.com - www.cryengine.com and www.huntshowdown.com
Crytek A.I CyberSecurity Scoring
Crytek Risk Score (AI oriented)Between 600 and 649
Crytek
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Crytek Global Score (TPRM)XXXX
Crytek
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Crytek Company CyberSecurity News & History
Past Incidents
2
Attack Types
1
Crytek
Ransomware
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Crytek, a game developer, and publisher company was attacked by the Egregor ransomware gang in October 2020. The attackers encrypted the systems and stole files containing customers' personal info. A part of the stolen data was leaked on a data leak site.
Ubisoft and Crytek: Upcoming Ubisoft Games Like Splinter Cell Remake, Assassin's Creed Jade, Codename Hexe, Could Leak Due To This Data Breach, All You Need To Know
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: **Ubisoft Hit by Massive Data Breach via MongoBleed Exploit** Hackers have targeted Ubisoft in a significant security breach, exploiting the **MongoBleed** vulnerability—a method involving unsecured MongoDB databases with no authentication. According to a post on X (formerly Twitter), attackers exfiltrated over **900GB of data**, including the **source code for all Ubisoft products from 1990 to present**. The stolen material reportedly covers unreleased games, Uplay services, and other proprietary assets, with potential leaks of upcoming titles like *Splinter Cell Remake*, *Assassin’s Creed Jade*, and *Codename Hexe*. The breach occurred when hackers scanned the internet for exposed MongoDB ports, a common attack vector in the **MongoBleed** technique. While Ubisoft has not confirmed the incident, the hackers claimed to have held the data for **48 hours** before demanding a ransom. If the theft is verified, the leak could expose unreleased projects, development pipelines, and sensitive internal systems—posing a major risk to the company’s intellectual property. Game studios like Ubisoft are frequent targets due to their vast repositories of **source code, player databases, and live-service game data**, which are highly valuable to cybercriminals. Crytek was also reportedly affected in the same campaign. The incident underscores the ongoing threat posed by unsecured databases, particularly in industries handling large volumes of proprietary digital assets.
Crytek Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Crytek
Incidents vs Computer Games Industry Average (This Year)
Crytek has 0.0% fewer incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
Crytek has 26.58% more incidents than the average of all companies with at least one recorded incident.
Incident Types Crytek vs Computer Games Industry Avg (This Year)
Crytek reported 1 incidents this year: 0 cyber attacks, 1 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — Crytek (X = Date, Y = Severity)
Crytek cyber incidents detection timeline including parent company and subsidiaries
Crytek Company Subsidiaries
Crytek is an independent videogame developer, publisher, and technology provider dedicated to pushing the boundaries of gaming with its cutting-edge 3D game development solution CRYENGINE. With headquarters in Frankfurt am Main (Germany) and studios in Kiev (Ukraine), and Istanbul (Turkey), Crytek has created multiple award-winning titles, including the original Far Cry, the Crysis series, Ryse: Son of Rome, Warface, The Climb, Robinson: The Journey and Hunt: Showdown. Crytek delivers fun and innovative gaming experiences for PC, consoles, and VR and continues to grow its reach in the games-as-a-service market. Every Crytek game is created with CRYENGINE, which can be used by anyone to create games. For more information visit www.crytek.com - www.cryengine.com and www.huntshowdown.com
Loading...
Crytek Similar Companies
Ubisoft
Ubisoft is a global leader in gaming with teams across the world crafting original and memorable gaming experiences featuring brands such as Assassin’s Creed®, Brawlhalla®, For Honor®, Far Cry®, Tom Clancy’s Ghost Recon®, Just Dance®, Rabbids®, Tom Clancy’s Rainbow Six®, The Crew® and Tom Clancy’s T
Keywords Studios
🎮🎬 We help make video games, films, and fan favourites you’ve probably played, watched, or heard. We work behind the scenes with game developers, publishers, and entertainment companies to bring their ideas to life and keep them running smoothly. From game development and art production to audio se
Epic Games
Founded in 1991, Epic Games is a leading interactive entertainment company and provider of 3D engine technology. Epic operates Fortnite, one of the world’s largest games with over 350 million accounts and 2.5 billion friend connections. Epic also develops Unreal Engine, which powers the world’s lead
.png)
Crytek CyberSecurity News
December 13, 2023 08:00 AM
Sony investigating potential ransomware attack on Insomniac Games unit
Sony said it is looking into reports of a ransomware attack on its subsidiary Insomniac Games, the studio behind popular titles like Spider-Man, Spyro the...
March 12, 2022 08:00 AM
Ubisoft suffered a cyber security incident that caused a temporary disruption
Video game company Ubisoft has suffered a 'cyber security incident' that had a severe impact on games, systems, and services.
December 04, 2020 08:00 AM
Kmart’s reported ransomware attack highlights ongoing threat to retail
Egregor is emerging as growing cyberthreat as the pandemic shifts holiday shopping even further toward e-commerce.
September 04, 2017 08:30 PM
video game — Latest News, Reports & Analysis
Explore the latest news, real-world incidents, expert analysis, and trends in video game — only on The Hacker News, the leading cybersecurity and IT news...
August 05, 2013 07:00 AM
German Video Game 'Crytek' Websites go offline after Security Breach
It seems that German Video Game company 'Crytek' has been the latest victim of hacking attacks on its website and few forums,...
November 09, 2012 08:00 AM
Cybersecurity researchers discover holes in Modern Warfare 3, CryEngine 3
Cybersecurity researchers discover holes in Modern Warfare 3, CryEngine 3 ... Two researchers have found security flaws in Call of Duty: Modern...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Crytek CyberSecurity History Information
Official Website of Crytek
The official website of Crytek is http://www.crytek.com/.
Crytek’s AI-Generated Cybersecurity Score
According to Rankiteo, Crytek’s AI-generated cybersecurity score is 603, reflecting their Poor security posture.
How many security badges does Crytek’ have ?
According to Rankiteo, Crytek currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Crytek have SOC 2 Type 1 certification ?
According to Rankiteo, Crytek is not certified under SOC 2 Type 1.
Does Crytek have SOC 2 Type 2 certification ?
According to Rankiteo, Crytek does not hold a SOC 2 Type 2 certification.
Does Crytek comply with GDPR ?
According to Rankiteo, Crytek is not listed as GDPR compliant.
Does Crytek have PCI DSS certification ?
According to Rankiteo, Crytek does not currently maintain PCI DSS compliance.
Does Crytek comply with HIPAA ?
According to Rankiteo, Crytek is not compliant with HIPAA regulations.
Does Crytek have ISO 27001 certification ?
According to Rankiteo,Crytek is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Crytek
Crytek operates primarily in the Computer Games industry.
Number of Employees at Crytek
Crytek employs approximately 497 people worldwide.
Subsidiaries Owned by Crytek
Crytek presently has no subsidiaries across any sectors.
Crytek’s LinkedIn Followers
Crytek’s official LinkedIn profile has approximately 77,031 followers.
NAICS Classification of Crytek
Crytek is classified under the NAICS code 51126, which corresponds to Software Publishers.
Crytek’s Presence on Crunchbase
No, Crytek does not have a profile on Crunchbase.
Crytek’s Presence on LinkedIn
Yes, Crytek maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/crytek.
Cybersecurity Incidents Involving Crytek
As of December 29, 2025, Rankiteo reports that Crytek has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
Crytek has an estimated 1,998 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Crytek ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
How does Crytek detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with no official confirmation from ubisoft yet..
Incident Details
Can you provide details on each incident ?
Title: Crytek Ransomware Attack
Description: Crytek, a game developer, and publisher company was attacked by the Egregor ransomware gang in October 2020. The attackers encrypted the systems and stole files containing customers' personal info. A part of the stolen data was leaked on a data leak site.
Date Detected: October 2020
Type: Ransomware
Attack Vector: Ransomware
Threat Actor: Egregor ransomware gang
Motivation: Financial Gain
Title: Ubisoft MongoBleed Data Breach
Description: Ubisoft fell victim to a significant security breach where hackers exploited the MongoBleed vulnerability to steal over 900GB of data, including source code for all its products since 1990. The breach may lead to leaks of upcoming projects if the ransom is not paid.
Type: Data Breach / Ransomware
Attack Vector: Exploiting open MongoDB ports with no authentication
Vulnerability Exploited: MongoBleed
Motivation: Financial gain (ransom) / Data exfiltration
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Open MongoDB ports with no authentication.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware CRY181311222
Data Compromised: Customers' personal info
Systems Affected: Encrypted systems
Incident : Data Breach / Ransomware UBICRY1766971965
Data Compromised: Over 900GB of data, including source code, unreleased builds, DLCs, and player databases
Systems Affected: Ubisoft's internal databases, development environments, and live service game infrastructure
Operational Impact: Potential disruption to game development and live services
Brand Reputation Impact: Severe if unreleased projects are leaked
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Customers' personal info, Source Code, Unreleased Builds, Dlcs, Player Databases and .
Which entities were affected by each incident ?
Incident : Data Breach / Ransomware UBICRY1766971965
Entity Name: Ubisoft
Entity Type: Game Studio
Industry: Gaming / Entertainment
Incident : Data Breach / Ransomware UBICRY1766971965
Entity Name: Crytek
Entity Type: Game Studio
Industry: Gaming / Entertainment
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach / Ransomware UBICRY1766971965
Communication Strategy: No official confirmation from Ubisoft yet
Data Breach Information
What type of data was compromised in each breach ?
Incident : Ransomware CRY181311222
Type of Data Compromised: Customers' personal info
Data Exfiltration: Yes
Data Encryption: Yes
Personally Identifiable Information: Yes
Incident : Data Breach / Ransomware UBICRY1766971965
Type of Data Compromised: Source code, Unreleased builds, Dlcs, Player databases
Sensitivity of Data: High (proprietary game code, unreleased projects)
Data Exfiltration: Yes (900GB of data accessed for 48 hours)
File Types Exposed: Source code filesGame buildsDatabases
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware CRY181311222
Ransomware Strain: Egregor
Data Encryption: Yes
Data Exfiltration: Yes
Incident : Data Breach / Ransomware UBICRY1766971965
Data Exfiltration: Yes
Lessons Learned and Recommendations
What recommendations were made to prevent future incidents ?
Incident : Data Breach / Ransomware UBICRY1766971965
Recommendations: Implement authentication for MongoDB, restrict open ports, enhance monitoring for unauthorized access, and secure development environments.
What recommendations has the company implemented to improve cybersecurity ?
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: Implement authentication for MongoDB, restrict open ports, enhance monitoring for unauthorized access and and secure development environments..
References
Where can I find more information about each incident ?
Incident : Data Breach / Ransomware UBICRY1766971965
Source: X (Twitter) post by hackers
Incident : Data Breach / Ransomware UBICRY1766971965
Source: News articles on MongoBleed and Ubisoft breach
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: X (Twitter) post by hackers, and Source: News articles on MongoBleed and Ubisoft breach.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach / Ransomware UBICRY1766971965
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through No official confirmation from Ubisoft yet.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach / Ransomware UBICRY1766971965
Entry Point: Open MongoDB ports with no authentication
High Value Targets: Source code, unreleased projects, player databases
Data Sold on Dark Web: Source code, unreleased projects, player databases
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach / Ransomware UBICRY1766971965
Root Causes: Lack of authentication on MongoDB, unsecured open ports, inadequate monitoring
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Egregor ransomware gang.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on October 2020.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Customers' personal info, Over 900GB of data, including source code, unreleased builds, DLCs and and player databases.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Over 900GB of data, including source code, unreleased builds, DLCs, and player databases and Customers' personal info.
Lessons Learned and Recommendations
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Implement authentication for MongoDB, restrict open ports, enhance monitoring for unauthorized access and and secure development environments..
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are X (Twitter) post by hackers and News articles on MongoBleed and Ubisoft breach.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Open MongoDB ports with no authentication.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability was found in Tenda WH450 1.0.0.18. Affected is an unknown function of the file /goform/PPTPUserSetting. Performing manipulation of the argument delno results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
Risk Information
cvss2
Base: 8.3
Severity: LOW
AV:N/AC:L/Au:M/C:C/I:C/A:C
cvss3
Base: 7.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 7.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability has been found in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/PPTPServer. Such manipulation of the argument ip1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Risk Information
cvss2
Base: 8.3
Severity: LOW
AV:N/AC:L/Au:M/C:C/I:C/A:C
cvss3
Base: 7.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 7.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A flaw has been found in omec-project UPF up to 2.1.3-dev. This affects the function handleSessionEstablishmentRequest of the file /pfcpiface/pfcpiface/messages_session.go of the component PFCP Session Establishment Request Handler. This manipulation causes null pointer dereference. The attack may be initiated remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was detected in floooh sokol up to 16cbcc864012898793cd2bc57f802499a264ea40. The impacted element is the function _sg_pipeline_desc_defaults in the library sokol_gfx.h. The manipulation results in stack-based buffer overflow. The attack requires a local approach. The exploit is now public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The patch is identified as 5d11344150973f15e16d3ec4ee7550a73fb995e0. It is advisable to implement a patch to correct this issue.
Risk Information
cvss2
Base: 4.3
Severity: LOW
AV:L/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/floooh/sokol/commit/5d11344150973f15e16d3ec4ee7550a73fb995e0
- https://github.com/floooh/sokol/issues/1405
- https://github.com/floooh/sokol/issues/1406#issuecomment-3649548096
- https://github.com/oneafter/1212/blob/main/hbf1
- https://vuldb.com/?ctiid.338533
- https://vuldb.com/?id.338533
- https://vuldb.com/?submit.719823
Description
A security vulnerability has been detected in PbootCMS up to 3.2.12. The affected element is the function get_user_ip of the file core/function/handle.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to use of less trusted source. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
cvss4
Base: 5.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=crytek' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
