Search This Blog

Showing posts with label Capcom. Show all posts

Capcom Released the Final Update on Ransomware Attack

 

Capcom, known for multi-million-selling game franchises, announced in November 2020, that it had been hit by a ransomware attack: Hackers gained access to the company's servers, encrypted data on its devices, and claimed to have downloaded over 1TB of data. According to a malware researcher, the hackers also left behind a demand for $11 million in Bitcoin in exchange for the encryption key.
 
In its final report on the matter, the good news is that no credit card information was compromised, and the attack did not affect any of Capcom's systems related to buying or playing games. "It remains safe for Capcom customers or others to connect to the internet to play or purchase the company's games online," Capcom stated.

Interestingly, it also clarified that it was never actually in contact with the attackers, and had not received the reported $11 million ransom demand. The report provides a timeline of events from the initial discovery of possible issues to the present, as well as a small decrease in the number of user accounts confirmed as compromised: 15,640, down from 16,415 in January. This figure includes current and former staff, as well as a few thousand "business partners," which Capcom explained do not include customers. 

The company mentioned that its global networks had been revamped before the attack, but an "older backup VPN" was still in use in North America to help it handle the increased load caused by the Covid-19 pandemic. "Some devices were compromised at both the Company's US and Japanese offices through the affected old VPN device at the Company's North American subsidiary, leading to the theft of information," Capcom explained. 

"While the Company had existing perimeter security measures in place and, as explained below, was in the processes of adopting defensive measures such as a SOC [Security Operation Center] service and EDR [Endpoint Detection and Response], the Company had been forced to prioritize infrastructure improvements necessitated by the spread of COVID-19. As a result, the use of these measures was still in the process of being verified (not yet implemented) at the time this matter took place." 

The old system is no longer in use, and Capcom has put in place several technological and organizational steps to reduce the chances of anything similar occurring again in the future. Capcom has introduced new internal divisions, including an Information Technology Security Oversight Committee and an Information Technology Surveillance Section, to stay on top of possible future threats. 

"While it is true that the threat actor behind this attack left a message file on the devices that were infected with ransomware containing instructions to contact the threat actor to negotiate, there was no mention of a ransom amount in this file," Capcom wrote.

Resident Evil Developer Capcom Became a Victim of Ransomware Attack

 

The year 2020 had been a year that witnessed a lot of data leaks and hacks of assorted kinds for apps and websites. This time it was the turn of an Osaka headquarters video game developer company, Capcom that became the victim of a data breach and ransomware attack in November 2020. Not only the company but its users have also been compromised because of this attack. As a result of the ransomware attack, Capcom had to shut down its assorted parts of the network including its email and file services. 

Initially, they never disclosed that if any customer's information was breached or any of its websites, servers, or games were compromised because of this attack. However, on 16th November 2020, the company published that almost 9 of its users had their personal information compromised and further added that 350,000 of its users were at risk of a data breach. 

In this attack, Capcom witnessed hundreds of thousands of pieces of personal data stolen from its servers, including the names and addresses of customers and former employees. The estimated number of victims of the aforementioned case is 16,415. 

Capcom later affirmed that they were suspicious that the company’s information, including "sales reports, financial information, game development documents, [and] other information related to business partners," was illicitly accessed during the attack. They stated that Documents matching that description have been circulating around certain corners of the Internet since November. 

Capcom further stated that "the company has also ascertained that the potential maximum number of customers, business partners, and other external parties, etc., whose personal information may have been compromised in the attack is approximately 390,000 people (an increase of approximately 40,000 people from the previous report)." 

Not only that Capcom's network was hit by a Ransomware attack but a note was also left on the server by the threat actors. The letter affirmed that Ranga Locker, the ransomware gang is behind this cyber-attack. The gang left some hyperlinks as proof of the attack by them. Those links led the company to a file that had personal information of the company and its users as well as employees, that was later published on the internet. 

Additionally, the company wrote, "Capcom would once again like to reiterate its deepest apologies for any complications or concerns caused by this incident.”