17 November 2020

Personal info of 350,000 customers and business partners may have been stolen in Capcom ransomware breach


Personal info of 350,000 customers and business partners may have been stolen in Capcom ransomware breach

At the beginning of November, Japanese game developer and publisher Capcom Group, a company behind well-known the Street Fighter, Resident Evil, and Monster Hunter series of games, was hit by a major cyber attack that impacted some of its business operations, including email and file servers. Now Capcom has shared some additional info on what happened and what data was compromised.

In a press release the company explained it was target of “a customized ransomware attack” carried out by the Ragnar Locker ransomware group, which destroyed and encrypted data on the game maker’s servers.

Capcom said it could only confirm the compromise of data on five former employees, four employees and some sales and financial info, however, the breach could be much more serious than anticipated.

According to the company, the incident may have affected some 350,000 customers and business partners. This includes: 134,000 customers who used the video game support help desk in Japan, 14,000 Capcom Store members in North America, 4,000 Esports website members in North America, 40,000 shareholders, 153,000 former employees, their families and applicants and 14,000 employees “and related parties” taken from HR.

The potentially compromised information includes names, home and email addresses, birthdates, shareholder numbers, phone numbers and photos. Capcom said that financial information was not accessed.

“None of the at-risk data contains credit card information. All online transactions etc. are handled by a third-party service provider, and as such Capcom does not maintain any such information internally,” the company added.

The cyber criminals behind the Ragnar Locker ransomware published nearly 60 GB of data allegedly stolen from Capcom on their leak site after the company refused to respond to their demands. While special software is needed to download the posted archives, some of the data is viewable, such as what appears to be images from passports, screenshots of confidential agreements, financial reports and bank statements.


Back to the list

Latest Posts

Hacker leaks usernames and passwords for nearly 50K vulnerable Fortinet VPN devices

Hacker leaks usernames and passwords for nearly 50K vulnerable Fortinet VPN devices

The data dump contains usernames, passwords, access levels, and the original unmasked IP addresses of users connected to the VPNs.
26 November 2020
FBI warns of spoofed FBI-related websites

FBI warns of spoofed FBI-related websites

Spoofed domains and email accounts could be used by foreign actors and cybercriminals to spread false information, deliver malware, or collect sensitive data.
25 November 2020
Chinese APT Mustang Panda resumes efforts to collect intel on Vatican

Chinese APT Mustang Panda resumes efforts to collect intel on Vatican

In the latest campaign the treat actor was observed using updated toolset in order to evade detection.
25 November 2020