R6DB said the attacker only accessed the database, but they decided to wipe and reinstall the entire machine, just to be safe.

Some data is lost for good

Company engineers are working to restore as much of the data as possible, but R6DB expects some information to be lost for good.

Staff says they never stored any personal data on Rainbow Six Siege players, so service users don’t have anything to worry about.

All that was lost is player statistics. Gamers used R6DB exactly for this purpose, to keep track of their evolution across time, and get another perspective on their stats, besides to what the game provides.

“We basically lost all our historical data,” said R6DB. “Some profiles are gone. We can re-index them when searched for, but that’s a step we can’t do ourselves.”

“Progressions (aka historical data, aka charts) are [EXPLETIVE] They’ll fill up again over time, but the past is gone,” R6DB said. “[PC only] aliases are half-[REDACTED]. We still have some older data, but about a months worth of aliases is lost.”

At the time of writing, the R6DB is up and running, but the company is still working on restoring player data. Staff expects to finish the restoration process by Monday.


The New Server has been added and most of the data has been recovered, still the process is going on.

Similar attacks have been taking place for two years

The ransom attack on a PostgreSQL database is one of the first of its kind, but not unique. Hackers have been scanning the Internet for exposed databases, wiping their content, and leaving ransom notes behind in the hopes that victims fall for the trick and pay the ransom without investigating what truly happened to their data.

MongoDB, ElasticSearch, Hadoop, CouchDB, Cassandra, and MySQL servers have been targeted.

The most recent wave of attacks targeted MongoDB, at the start of the month. The company behind MongoDB blamed the attacks on server owners who left their databases open to connections without a password on the admin account.

Credit: Bleepingcomputer