Gaming giant Capcom says the data of up to 350,000 people, including players, was stolen in a massive ransomware attack
- Gaming giant Capcom said Monday it was hit with a hack that may have compromised the personal data of up to 350,000 individuals, including players.
- The hack was a ransomware attack that scrambled Capcom's servers on November 2.
- The data compromised included names, email addresses, and phone numbers, but not credit card information.
- "Capcom offers its sincerest apologies for any complications and concerns that this may bring to its potentially impacted customers as well as to its many stakeholders," the company said in a statement.
Japanese gaming giant Capcom has confirmed it's been hit with a major cyberattack in which hackers stole the data of up to 350,000 people.
The company, known for hit franchises including "Street Fighter," "Resident Evil," and "Monster Hunter," said in a statement Monday that it first detected a problem on the morning of November 2.
"Capcom confirmed that this was a targeted attack against the company using ransomware, which destroyed and encrypted data on its servers," the company said.
Capcom first broke the news of the suspected attack on November 4, and on November 12 it publicly announced that some corporate information and data belonging to nine present and former employees had been stolen.
Its Monday announcement confirmed, however, that the scope of the attack was far broader, and may have included players' personal data.
The company estimated a maximum of 350,000 individuals' personal data may have been stolen. This included the data from players, shareholders, plus former employees and their family members.
The data included names, email addresses, and phone numbers, but not credit card information.
Capcom said it will contact anyone who it can confirm has definitely had their data compromised.
In ransomware attacks, hackers lock a target out of their own data and then essentially hold it hostage, threatening to either leak or destroy the data unless the target pays a ransom.
Capcom said it was contacted by a hacking group calling itself Rag nar Locker demanding payment, at which point it contacted the police force in Osaka, Japan.
The company did not explicitly state in its press release whether it paid the ransom or not. A representative was not immediately available to comment.
"Capcom offers its sincerest apologies for any complications and concerns that this may bring to its potentially impacted customers as well as to its many stakeholders," the company said in a statement. It added that its investigation was still ongoing.
Capcom said it has contacted both Japan and the UK's data protection watchdogs. It has engaged a security company and a software consultancy to inspect its systems, the company said.