Capcom Found Out Ransomware Actors May Have Stolen 350,000 Files

  • Capcom’s internal investigation is revealing a deep dent in the company’s IT networks.
  • A recent ransomware attack has resulted in the exfiltration of sensitive files, possibly in the hundreds of thousands.
  • The actors demand an $11 million payment in Bitcoin, but it’s unlikely they’ll get anything from the Japanese.

The Capcom internal investigation on the recent ransomware attack they experienced has yielded some bad news for the game maker and the people around it. More specifically, they’ve found that the number of files exfiltrated by the hackers could be up to 350,000, including confidential and sensitive personal information of customers, employees, and contractors.

Here’s what Capcom’s IT has now confirmed as definitely compromised:

  • Personal information of former employees, including names, signatures, addresses, and passports.
  • Personal information of current employees, including HR data, names, and signatures.
  • Sales reports
  • Financial information

The following data may have been stolen, but it’s not certain yet:

  • Japan: Customer service video game support help desk information (approx.134,000 items). Names, addresses, phone numbers, email addresses
  • North America: Capcom Store member information (approx. 14,000 items). Names, birthdates, email addresses
  • North America: Esports operations website members (approx. 4,000 items). Names, email addresses, gender information
  • List of shareholders (approx. 40,000 items). Names, addresses, shareholder numbers, amount of shareholdings
  • Former employee (including family) information (approx. 28,000 people); applicant information (approx. 125,000 people), Names, birthdates, addresses, phone numbers, email addresses, photos, etc.
  • Human resources information (approx. 14,000 people)
  • Confidential corporate information, including sales data, business partner information, sales documents, development documents, etc.

Capcom has already informed ICO in the UK, and the Personal Information Protection Commission in Japan, while the investigation is ongoing. Furthermore, law enforcement action against the actors will be sought in Japan and the United States. At the same time, those who are confirmed as compromised will be offered support in the form of identity protection services.

The ransomware actors that hit Capcom are “Ragnar Locker,” and they demanded the payment of $11 million in Bitcoin, threatening to release the stolen data in public. After ten days passed, the actors followed through on their threat and published samples of the exfiltrated data on their dedicated portal. In total, “Ragnar Locker” claim that they hold 1TB of sensitive data, including a lot more than what Capcom confirms now.

Whether or not Capcom is planning to negotiate the payment with Ragnar Locker now is doubtful. Still, since the Japanese mention law enforcement authorities in their announcement, we assume that they won’t pay a dime.

In the same context, they are playing down the significance of the incident by stating that its effect on the group’s consolidated business results will be negligible. That’s also another way of saying “we won’t pay.”

How to Watch Joe Pickett Season 2 Online: Stream the Western Crime Drama from Anywhere
Joe Pickett, the series based on characters created by novelist C.J. Box, has a second season coming, and below are all the...
How to Watch Gods of Tennis Online Free: Stream the Tennis Docuseries from Anywhere
Gods of Tennis is a new documentary series on “the golden age of tennis” in the 1970s and 1980s, and we have...
How to Watch Danger Below Deck Online from Anywhere
Are you a die-hard fan of crime dramas? Do you love heart-pounding suspense, gripping tension, and a captivating plot that leaves you...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari