Last week, major The Last of Us Part II spoilers leaked online, including crucial narrative twists, cut scenes, and more. [Zero spoilers below.]

Initial rumors pointed to a disgruntled employee as responsible for the leak.

Multiple reports now point to hackers exploiting a security vulnerability to access developer Naughty Dog’s servers.

New reports suggest that last weekend’s The Last of Us Part II leaks weren’t the work of a disgruntled employee, but rather the result of hackers exploiting a security vulnerability to access Naughty Dog’s servers.

The Last of Us Part II Leaks

Massive spoilers for Naughty Dog’s highly anticipated sequel found their way online last weekend. Major plot points, pivotal cut scenes, an exhaustive mission list – discovering the game’s narrative beats required little to no effort due to how rapidly the leak spread.

Social media was awash with spoilers. People went to extraordinary lengths to spoil the game for many, to the point of infiltrating completely unrelated threads and discussions to drop a major spoiler on unsuspecting users. During last week’s Assassin’s Creed Valhalla reveal, spoilers even found their way into chat on Twitch and YouTube.

Widely circulated rumors told a story of retribution: a lone Naughty Dog employee pushed to orchestrate the leak by a contentious pay dispute.

While certainly fanciful when viewed in the context of the NDAs that current and former Naughty Dog employees working on The Last of Us Part II will have signed, the story seemed to align with reports of difficult working conditions at the studio.

As Kotaku reported in March, long hours and high staff turnover characterized the experience for many employees, with crunch ingrained into the developer’s culture.

Rumors Debunked

On Friday, GamesIndustry.biz reported that Sony had identified those responsible for the leaks. No association exists between Naughty Dog/Sony Interactive Entertainment and the leakers, debunking the theory that an employee was responsible. Sony offered no further comment on the matter.

Yesterday, Jason Schreier, a former Kotaku reporter now at Bloomberg, took to Twitter to reveal that hackers were behind the leaks:

OK: After talking to two people with direct knowledge of how TLOU2 leaked as well as some Naughty Dog employees, I have a good idea of what happened. Short version: hackers found a security vulnerability in a patch for an older ND game and used it to get access to ND’s servers.

It appears the hackers captured the leaked footage from an older build of The Last of Us Part II:

I think the footage that leaked is from devs playing an early build (I haven’t watched it). Most importantly, rumors of this being an act of protest by a contractor whose pay was robbed are not true. (ND actually extended pay and healthcare benefits for contractors due to covid)

Vulnerability Fixed On April 30

Shortly after that, Kotaku corroborated the hacker story thanks to two further sources familiar with the situation.

A hacker group discovered a method for accessing the Amazon servers for Naughty Dog games using what was essentially password information included in the code for the studio’s games, including 2011’s Uncharted 3 and 2013’s The Last of Us. Those games access the servers for multiplayer functionality but apparently could also be used to fetch files stored there.

Interestingly, hackers obtained over a terabyte of game data, and one of the hackers reportedly notified Naughty Dog about the exploit back in February. Naughty Dog allegedly took until April 30 to fix the vulnerability.

It’s safe to say that we can put the disgruntled employee rumors to bed definitively. The reality is, for better or for worse, far less thrilling.