Earlier this month, Capcom revealed that there was “unauthorized third-party access” to its internal computer systems, but the company added that “there are currently no indications of breached customer information.” This morning, however, Capcom revealed more details about the “personalized ransomware attack”
After a two-week investigation, the Japanese company said it could only confirm that personal information was available to current and former employees. But the list of “potentially compromised” people is much larger, including callers to Capcom’s Japanese help desk, Capcom Store customers, members of Capcom’s North American export teams, company shareholders and former job applicants. Capcom.
The information disclosed in the attack usually includes names, addresses, telephone numbers and email addresses. But current and former employees have had their passport details and signatures revealed, Capcom said, while job applicants may have leaked personal photos.
Capcom notes that credit card information that is “processed by a third-party service provider” must be secure. Access to the company’s online games and websites should also not be affected.
The attack also revealed some of Capcom’s internal business documents, including launch and launch plans and expectations for sales of current and upcoming titles. Some of this information has already started circulating on game forums and Twitter.
Pay or pay the price
Capcom, which publishes major gaming franchises, including Resident Evil,, Monster hunter, and Street Fighter, says it shut down its internal network on November 2nd. Shortly afterwards, the company found that it had been affected by a “targeted attack on the company using ransomware that destroys and encrypts data on its servers.”
The attack was reportedly organized by a “criminal organization called Ragnar Locker” who demanded a ransom to unlock the data and prevent it from leaking. The BBC reports that Ragnar Locker posted a message on its dark web page saying that Capcom had “not made the right decision and saved data from leaking”, suggesting that the company had decided not to pay. the ransom demand. Ragnar Locker’s note also suggests that there is more data from Capcom that is yet to be published.
The investigation into the exact nature of the attack took so long, in part because it was “conducted using so-called personalized ransomware … aimed specifically at the company to maliciously encrypt information stored on its servers and delete its access logs.” “
Capcom says it is working with international law enforcement officials after the attacks and has instructed third-party security companies to assess the attack and improve internal information security.