Unity Technologies, a developer of software for video games, discovered malicious code on its SpeedTree toolkit website that stole confidential data from hundreds of customers.
Unity representatives filed a notice about the incident with the Maine Attorney General’s office. According to this document, from March 13 to August 26, 2025, malicious code was present on the SpeedTree website (specifically, on the checkout page), affecting at least 428 customers.
The malware that infiltrated the site was designed to collect information entered by users when making a purchase on the SpeedTree website, including name, address, email, payment card number, and access code.
It is reported that after detecting the malware, the company launched an investigation, took the site offline, and removed the malicious code. However, it has not disclosed exactly how the breach occurred, as a result of which the SpeedTree website became infected with malware.
At this time, notifications have been sent to all affected individuals, and free credit monitoring and identity theft protection services from Equifax have been offered.