Not a month after reports of Crytek and Ubisoft both being infiltrated by hackers and was able to obtain data, one of Japan’s largest game developers, Capcom has become the latest victim of a cyber attack, this time suffering a ransomware attack.
The ransomware attack was able to steal more than one terabyte (TB) of “sensitive data” from Capcom’s corporate networks across different countries.
A report by Bleeping Computer was also able to get additional details about the attack through a security researcher going by the name of Pancak3. The latter revealed further details surrounding the ransomware attack, stating that Ragnar Locker group was behind the attack.
The attackers stole more than 1 TB of files including the personal information of employees and customers, private messages and chats, corporate contacts, emails, intellectual property, proprietary business information, tax documents, banking statements, accounting files and audit reports while encrypting 2000 devices on Capcom’s network.
The group behind the attack is reportedly asking for an $11 million bitcoin (BTC) payment for a decryptor while also promising to “delete any stolen data” and provide a network security report. However, if a deal is not closed out, the data will be “published and/or auctioned to third-parties.”
As proof of the attack and the data obtained, the group disclosed a screenshot containing the company’s August 2020 Steam Sales Report.
In addition, the screenshots provided by Ragnar Locker provided images of Japanese passports, contractor agreements, employee termination agreements and Active Directory Users and Management Consoles that were used by Capcom.
A November 4 press release from Capcom, however, did not confirm any ransomware attack nor any cyberattack on their end. While they admitted of “experiencing issues that affected access to certain systems, including email and file servers”, Capcom stated that there had been “no indication that any customer information was breached” and that investigations were ongoing, on top of efforts to restore systems disrupted by the attack.
The ransomware attack at Capcom isn’t the first attack carried out by the Ragnar Locker group, last May, Energias de Portugal (EDP) – Portugal’s electric utility company became a victim of the ransomware attack. Other notable attacks the group has committed include Compagnie Maritime d’Affrètement Compagnie Générale Maritime (CMA CGM) which is one of the largest shipping companies globally and even the International Maritime Organization of the United Nations (UN IMO). According to reports
As of this writing, MalwareHunterTeam tweeted that a Ragnar Locker “press release” has given Capcon a November 10 18:00 EST deadline to negotiate and commit a deal and threatened to ensure that “everyone will know about such negligence and irresponsibility from their [Capcom] side”
Capcom is responsible for creating fan favorite franchises, such as Street Fighter, Monster Hunters, Mega Man, Resident Evil, Ace Attorney among others.