Capcom was hit by a ransomware attack at the start of the month. A following investigation has verified that “personal and corporate information may have been compromised” during the unauthorized access to networks maintained by the game publisher and developer at its head office in Osaka, Japan.
According to a press release from earlier today, the breached data includes personal information of current and former employees as well as sales and financial reports. Some personal information belonging to Capcom shareholders and business partners was also compromised.
The ransomware attack however was unable to access “at-risk data” which contains credit card details. Capcom has confirmed that third-party service providers handle all online transactions. Such information was never kept internally. Capcom customers and players have been assured that they can safely connect to games online.
The ransomware attack happened on November 2, 2020. Capcom immediately shut down its systems upon the detection of an alien access. A criminal organization calling itself “Ragnar Locker” took responsibility for the cyber attack and has since then been demanding an unconfirmed sum of ransom money to release stolen data. Capcom is currently working closely with the Osaka Prefectural Police to solve the matter.
Capcom will “continue its investigation into the scope of potentially compromised information” and will provide further updates when needed. “The company asks that everyone potentially affected by this incident practice an abundance of caution, looking out for any suspicious packages received by mail or messages that could potentially be received.”
Discussions are already underway with security experts to establish an advisory board regarding system security to ensure that such cyber attacks are prevented in the future.