Japanese video game company (Capcom) has said that a handful of personal information from current and former employees had been compromised on November 2nd.

The investigation that came out of news releases, confirm that 350,000 records of customers, shareholders, and business partners also seems to be exposed.

And recently (on November 19), Capcom updated by saying that sales reports and financial information were also taken. 

What exactly happened to the video game developer and publisher?

 

Capcom is Hit By Ragnar Locker Ransomware Gang

If the name sounds familiar to you, Capcom is the company in charge of multi-million selling game franchises, such as Street Fighter and Resident Evil. 

The company’s history stretches back to the 80s. Now, as with this attack, cybercriminals have noticed the lucrative nature of this global-reaching industry.

So far, there have been more than 3 videogame companies targeted by cybercriminals. Just a few days ago, we reported about an attack that targeted Ubisoft and Crytek, as well as Sandbox Interactive’s database.

This time, it was Ragnar Locker’s turn. According to Campcom, that’s the name of the ransomware gang responsible for the breach. 

They are well-known for distributing ransomware payloads through Virtual Machines, to steal data and encrypt networks afterward, as in the case of the Energias de Portugal (EDP) attack. 

Ragnar Locker is also blamed for the Campari (beverage company) attack.

So far, the cybercriminal group has claimed to have stolen 10 TB of private company data. Demanding payment of 1,580 Bitcoin (around the $11 million).

According to BleepingComputer, the ransom note mention that the 10 TB of data supposedly includes banking statements and financial files, as well as Intellectual Property, corporate agreements, contracts, and private corporate correspondence (emails, presentations, audit reports).

The same note also seems to contain a link to the private data leak-page on their ransomware’s website, grouped with a link to the Ragnar Locker Tor negotiation site

So far, Capcom is backed by both Japan’s, Europe, and U.S. law enforcement. 

But they are unsure about the exact number of log files that are lost because of the attack.  

Still, they say they’re working on it with a third-party cybersecurity company (unspecified) to research the whole incident. The company said:

“Investigation and analysis of this incident took additional time due to the targeted nature of this attack, which was carried out using what could be called tailor-made ransomware, as was covered in some media reports, aimed specifically at the company to maliciously encrypt the information saved on its servers and delete its access logs.

No credit card information was exposed in the attack

All online transactions are handled by a third-party service provider, and as such Capcom does not maintain any such information internally.”

While they do not describe the attack’s nature, researchers at Sophos confirm that it wouldn’t be a rare thing for the gang to deploy the same “full virtual machine on each targeted device to hide the ransomware from view.” as they have done in the past

This and other targeted attacks remind me of the unfortunate behavior of “business.”

At the very beginning, it seems like funding is the only present concern. But as long as your company keeps growing, also the attention of criminals.

Wouldn’t you like to feel calmed and relaxed?

You can be it if you want. 

Our Houston-based team of cybersecurity experts has protected the assets of dozens of businesses like yours. They’ve recovered peace of mind.

All it takes is, a brief talk where we answer all doubts and questions you might have about the topic, and we’ll attend to every request to secure your infrastructure.