Back in November 2020, the “Ragnar Locker” ransomware actors extorted Capcom. The actors warned them that they managed to steal 1TB of sensitive files from the Capcom network and leak them if they didn’t get $11 million in Bitcoin. The Japanese video game publisher decided not to negotiate with the crooks and launched an internal investigation to figure out if the hackers had indeed managed to steal anything.
At first, they saw evidence of the infiltrators accessing employee data, sales reports, and financial information, but all of the rest remained doubtful. Unfortunately, the company has released an update on the investigation, which confirms that external parties were compromised too. That would be about 390,000 people, including their full name, physical address, phone number, email address, and various other details. In addition to these, around 3,248 business partners have been exposed as well.
Capcom clarified that its investigators still don’t see any evidence of the data compromise affecting clients from North America, so the numbers given above concern other regions. The gaming company is still investigating the incident, so there may be more updates along the way. However, if you are a client and you have shared your personal details with Capcom in the past, you shouldn’t wait for the confirmations to arrive before you decide to take protective action.
Since all forms of communication are made possible because of this incident, including email, SMS, and postal service, scammers or phishing actors may engage with you in a variety of ways, so beware. If you think you are being approached by a scammer, the best thing you can do is to report it to the police and delete the message without answering anything back.
Some new packs claiming to contain the stolen Capcom data appeared on the dark web at the start of the month, but so far, the validity of the pastes hasn’t been confirmed. It is possible that “Ragnar Locker” has failed to convince the Japanese to pay them the requested amount.
Capcom states that their internal systems have now been mostly recovered, and all business operations have returned to normal status. Thus, we guess that the company will just absorb the user, employee, and partner exposure consequences.