The company behind classic video game brands Resident Evil and Street Fighter has been forced to admit that last year’s data breach has reached a new top score, with another 40,000 customers potentially affected by the incident, bringing the total up to 390,000.
When news of the ransomware attack first emerged, Capcom actually denied that any customer data had been leaked but was soon on the back foot after confessing that the personal details of as many as 350,000 customers may have been stolen, including names, addresses, phone numbers, and in some cases dates of birth.
The attack, carried out by “Ragnar Locker” ransomware gang, took place on November and reportedly affected 1 terabyte of data, forcing Capcom to shut down its entire network.
This week, the company has published an update on its investigation into the breach, confirming that it has now verified that the personal information of 16,406 people has definitely been stolen, up from just nine people in November. That includes names, addresses, contact details and HR information for 3,248 business partners, 3,994 employees and 9,164 former employees.
Hackers also stole sales reports, financial information, game development documents and more, it said. Because a third-party provider handles online transactions, no credit card data was breached, it claimed.
In total, Capcom said the total number of customers, business partners and other external parties whose personal information may have been compromised in the attack is approximately 390,000 people.
That includes at least 134,000 items from Japan customer support, 14,000 items from the North American Capcom Store and 4,000 items from its Esports website. The information includes names and emails, and in the case of Japan addresses and phone numbers.
In a statement released today it said: “Capcom offers its sincerest apologies for any complications and concerns that this may bring to its potentially impacted customers as well as to its many stakeholders.”
Street Fighter fans facing knockout as data is hacked
Blackbaud breach sparks legal threat to UK universities
National Trust among 125 hit by Blackbaud hack in UK
Crisis donors hit as fears grow over Blackbaud breach
Pitney Bowes hit as Maze ransomware strikes again
Ransomware car crash hits digital transformation giant
Half of UK firms would pay ransom to avoid GDPR fine
Over 40% of firms suffered cyber breach in past year
Firms warned over new wave of nefarious cyber attacks