Capcom has concluded its investigation into the attack ransomware suffered last November in which company files and data were stolen. Shortly after the news, it was learned that there was a leak of customer and worker data, but the extent was not known. In an official message, Capcom confirms that the data at risk included no credit cards since all transactions are carried out with an external provider in another system that was not a victim of the attack “and therefore Capcom does not keep any internal information”. The systems affected by the incident were not related to the means of payment or online purchases: “These systems were not involved in the incident and continue to be safe for customers and online gambling purchases.”.
This does not mean that there are no affected accounts, in fact it is estimated that there are some 15,600 compromised accounts and customer, partner or staff data covering 390,000 people, with information on names, emails and in the case of Japanese users, addresses and numbers. phone. “Because a part cannot be specifically determined due to issues including loss of records as a result of the attack, Capcom has included the maximum number of people whose data was kept on all potentially compromised servers,” says Capcom. “The company has not been able to confirm damage as a result of misuse of compromised information at this time.”.
Ransomware to developers, the new target of hackers
The attack was carried out by Ragnar Locker, a group that extorted Capcom with the theft of 1 TB of information about games, plans and other data. To give back access to the files, the hackers asked for 11 million dollars in bitcoins; if you do not pay, the data will be published or sold. Something similar happened shortly after with CD Projekt RED, the creators of Cyberpunk 2077 Y The Witcher; code for various games – including the next-generation version of The Witcher 3– was auctioned.