Pre-release information and gameplay footage for several titles, including the highly anticipated '007 First Light,' have leaked online. Rather than the work of a hacking group, the breach stems from poor security measures at the Indonesia Game Rating System (IGRS), prompting calls for stricter oversight.

Major international outlets, including VGC, reported last weekend that a severe security flaw at the IGRS left footage of several unreleased games exposed to the public. Gameplay videos submitted privately by developers for rating purposes were found to be accessible to unauthorized external parties.

The breach exposed footage from various games, including BANDAI NAMCO's 'Echoes of Aincrad,' Ubisoft's 'Assassin's Creed,' and KONAMI's 'Castlevania: Curse of Belmont.' Evidence also suggests that the email addresses of thousands of developers were compromised.

The most significant impact was felt by IO Interactive’s upcoming title, '007 First Light.' The leaked footage reportedly spans over an hour and contains major story spoilers. With the game set for release on May 27, fans are being warned to watch out for spoilers on social media and community forums. 'Echoes of Aincrad' also saw some of its key story scenes leaked.

Nick McConnell, who handles age ratings for Riot Games, took to social media to highlight structural issues within the rating process. Having worked with the IGRS, he explained that the classification process involves a simple questionnaire and the submission of links to videos and images, which are then manually reviewed by staff. Given this setup, he noted that it is hardly surprising that links provided via platforms like Google Drive were accidentally made public.

Rather than criticizing the IGRS team itself, McConnell pointed to the practical difficulties faced by staff and called for infrastructure improvements. He argued that a small, under-resourced team is being tasked with handling a massive volume of global game ratings. He added that game companies should also exercise caution by providing only the minimum necessary materials. Furthermore, he noted that the Game Rating and Administration Committee (GRAC) is another agency that requires caution, as it has previously exposed the release strategies of various companies by making rating details public.

The IGRS has previously faced criticism for the infrastructure issues McConnell pointed out. Past incidents include 'Call of Duty' and certain adult games on Steam receiving a 3+ rating, while the farming simulation 'Story of Seasons' was incorrectly rated 18+. With such issues persisting, critics argue that the IGRS' credibility problems can no longer be dismissed as mere mishaps.

Indonesia enacted legislation in 2024 mandating that all game developers and publishers obtain an IGRS rating to service their games starting in 2026. Critics argue that the influx of global developers seeking ratings following the two-year grace period has overwhelmed the already inadequate review process, leading to a surge in errors.