Skip to main content

Cyber Attack Found At Gaming Company Capcom

By November 11, 2020May 5th, 2022Cybersecurity

Are you a gamer? Are you a fan of Resident Evil, Devil May Cry, Mega Man, Monster Hunter or Street Fighter? All of those games have something in common. All were developed by Capcom, a Japanese development company with offices in Japan, the US, and Canada.

Unfortunately, according to a recent disclosure, Capcom is the latest company to fall victim to a nasty ransomware attack.

The company’s disclosure reads in part as follows:

“Beginning in the early morning hours of November 2, 2020 some of the Capcom Group networks experienced issues that affected access to certain systems, including email and file servers. The company has confirmed that this was due to unauthorized access carried out by a third party, and that it has halted some operations of its internal networks as of November 2.”

The initial disclosure did not reveal the exact nature of the attack. Subsequently, it has come to light that Capcom fell victim to a Ragnar Locker ransomware attack and the hackers responsible have apparently exfiltrated more than a terrabyte’s worth of sensitive and proprietary information. Worse, they are demanding a staggering eleven million dollar ransom, to be paid in Bitcoin.

The ransom note included a link to a password protected web page containing a 24MB sample archive displaying a small fraction of the data the hackers were able to make off with. The data includes revenue forecasts, salary spreadsheets, NDAs, immigration forms, corporate communications, royalty reports, and more.

At the time this article was written, there is no indication as to if or how Capcom plans to respond to the ransom demand. Although it should be noted that hackers are notorious for promising to delete all stolen data once the ransom has been paid, and then putting the information up for sale on the Dark Web anyway, which puts Capcom in a tricky position indeed.

In any event, there’s nothing for you to do in this case. The stolen information does not appear to include customer payment card information, but if you’ve made purchases on the company’s website, it pays to keep a close watch on the payment card you used, out of an abundance of caution.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.