“Capcom expressed its deepest regret for any inconvenience this may cause to its various stakeholders,” the Japanese firm confirms in a Wednesday advisory on its website. “Further, it stated that at present there is no indication that any customer information was breached. This incident has not affected connections for playing the company’s games online or access to its various websites.” Capcom is one of the world’s largest game developers. Aside from Resident Evil, the company is also the name behind the massive Street Fighter franchise, among many others. The firm first spotted a breach on Monday and says the attack brought third-party access to internal systems, including 1 terabyte of sensitive information. Upon discovering the attack, Capcom ceased operations of its internal networks. Unfortunately, the company has not said how the attack started or share further information. Although, it does say law enforcement is involved and an investigation is under way.
Attack
Bleeping Computer believes the Ragnar Locker ransomware was the tool of the attack. This is a novel strain that has become popular amongst cybercriminals because it can send ransomware attacks through virtual machines. In its report, Bleeping Computer was able to find the ransom note left on Capcom’s systems. It shows the perpetrators took over 1TB of data which apparently includes financial information, intellectual properties, corporate agreements, and non-disclosure agreements. It seems to confirm that no customer information was compromised during the attack.