Japanese video game developer Capcom has issued a warning that a ransomware attack on its servers may have compromised thousands of gamers’ personal information.
According to Capcom, the ransomware attack could have affected up to 350,000 people, including possible theft of financial information. This was contrary to its statement over a week ago that there was no indication customer information had been accessed.
The Japanese game maker confirmed on Monday that its servers were attacked by hackers on November 2. The cyber attack involved ransomware, a malicious software that usually threatens to block a victim’s access to their own records unless they pay a certain amount to the attacker.
In the Capcom attack, the hackers digitally scrambled some of the data on the servers, making it impossible to view and edit, as well as destroyed some of the files. The firm identified the Ragnar Locker hacker group as the one that demanded to be paid to undo the encryption.
However, Ragnor Locker’s dark-net webpage showed indications that Capcom refused to pay the group’s extorsion demand. The group wrote in a post that the Japanese video game developer didn’t “make a right decision and save data from leakage”.
Capcom is known for its popular video game franchises, including Street Fighter, Resident Evil, and Monster Hunter.
Capcom has reported that only nine people’s personal information was confirmed to be compromised, all of which were those of current or former employees. Unfortunately, the firm also said that up to 350,000 customers, business partners, and other employees might also be affected.
Capcom was still unsure about this because its own logs were “lost as a result of the attack”.
Among the information that were possible compromised were different combinations of names, addresses, birthdays, phone numbers and email addresses, depending on why the data was gathered.
Capcom said: “None of the at-risk data contains credit-card information. All online transactions… are handled by a third-party service provider. And as such, Capcom does not maintain any such information internally.”
The company also assured gamers that it was safe for them to continue playing their games online and access its websites.
Capcom has notified the police, as well as the Japanese and UK data protection agencies.
In a statement, the firm said: “Capcom would once again like to reiterate its deepest apologies for any complications or concerns caused by this incident. As a company that handles digital content, it is regarding this incident with the utmost seriousness.”
Aside from the attack on Capcom, there were also other reports that other video game companies have been hacked.
Several days ago, there were reports that “Watch Dogs: Legion,” a video game from Ubisoft about hacking, may have been attacked, with its source code stolen and leaked on the internet.
In response to the reports, Ubisoft said: “We are aware of the group’s claim and are currently investigating a potential data security incident.”
Ragnar Locker has also claimed to hack Crysis developer Crytek’s internal information.
Video game companies have thrived during the ongoing coronavirus pandemic, with Activision Blizzard and Electronic Arts both reporting improved performance in May.
Activision Blizzard, the developer of the Call of Duty (CoD) video game series, said that during the quarter, an average of 407 million people had played its games online monthly. Its latest CoD game, “Call of Duty: Warzone”, has attracted over 60 million players since it launched in March.
As a result, Activision Blizzard’s net revenues from digital channels reached $1.44 billion.
Meanwhile, Activision’s rival company Electronic Arts announced that its latest FIFA football game has attracted over 25 million players while its American football game “Madden NFL 20” scored the highest online engagement numbers in the franchise’s history.