Capcom has confirmed that a recent security incident was due to a Ragnar Locker ransomware infection, potentially leading to the exposure of customer records.
This week, the Japanese gaming giant confirmed[1] that the company had fallen prey to "customized ransomware" which gave attackers unauthorized access to its network -- as well as the data stored on Capcom Group systems.
The firm says it has "verified that some personal information has been compromised," adding that the ransomware outbreak "destroyed and encrypted data on its servers."
A ransom payment was demanded, but it does not appear that Capcom bowed to blackmail.
Capcom has provided an extensive list of confirmed and potentially compromised records. As of November 16, the firm has verified that the personal information of former employees -- including names, signatures, addresses, and passport information -- was exposed. These "five items" join "four items" relating to current employees and their names, as well as human resource records.
Capcom says that sales reports and financial information were also impacted, but has not gone into further detail.
Together with the confirmed leaks of data, Capcom has also provided a list of potentially exposed records, choosing to list them as worst-case scenarios:
- The PII of customers, business partners, and more: 350,000 items
- Japan's customer service video game support, help desk: 134,000 items, including names, addresses, phone numbers, email addresses
- North America: Capcom Store member information: 14,000 items, including names, dates of birth, email addresses
- Esports operations website members: 4,000 items, including names, email addresses, gender
- Shareholder lists: 40,000 items, including names, addresses, shareholder numbers, amounts
- Former employees and family: 28,000 people, applicant data (125,000 people): names, dates of birth, addresses, phone numbers, and