Capcom Found Out Ransomware Actors May Have Stolen 350,000 Files

Last updated June 23, 2021
Written by:
Bill Toulas
Bill Toulas
Infosec Writer

The Capcom internal investigation on the recent ransomware attack they experienced has yielded some bad news for the game maker and the people around it. More specifically, they’ve found that the number of files exfiltrated by the hackers could be up to 350,000, including confidential and sensitive personal information of customers, employees, and contractors.

Here’s what Capcom’s IT has now confirmed as definitely compromised:

The following data may have been stolen, but it’s not certain yet:

Capcom has already informed ICO in the UK, and the Personal Information Protection Commission in Japan, while the investigation is ongoing. Furthermore, law enforcement action against the actors will be sought in Japan and the United States. At the same time, those who are confirmed as compromised will be offered support in the form of identity protection services.

The ransomware actors that hit Capcom are “Ragnar Locker,” and they demanded the payment of $11 million in Bitcoin, threatening to release the stolen data in public. After ten days passed, the actors followed through on their threat and published samples of the exfiltrated data on their dedicated portal. In total, “Ragnar Locker” claim that they hold 1TB of sensitive data, including a lot more than what Capcom confirms now.

Whether or not Capcom is planning to negotiate the payment with Ragnar Locker now is doubtful. Still, since the Japanese mention law enforcement authorities in their announcement, we assume that they won’t pay a dime.

In the same context, they are playing down the significance of the incident by stating that its effect on the group’s consolidated business results will be negligible. That’s also another way of saying “we won’t pay.”



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: