Capcom, the Japanese video games giant that owns popular gaming titles such as Street Fighter, Resident Evil, and Devil May Cry, suffered a Ragnar Locker ransomware attack earlier this month that potentially compromised the personal information of as many as 350,000 customers and employees.
The successful Ragnar Locker attack was first revealed by Capcom earlier this month via a press notification. In a detailed update published this Monday, the gaming giant said the ransomware operators were able to successfully encrypt a large number of files stored in internal servers and subsequently demanded a ransom from the company.
The company said that based on the amount of data encrypted by hackers behind the Ragnar Locker ransomware attack, they believe the cyber attack potentially compromised the personal information of around 350,000 people.
The compromised data included the names, addresses, phone numbers, and email addresses of 134,000 Japanese customers, the names, dates of birth, and email addresses of 14,000 Capcom Store members in North America, the names, email addresses, and gender information of 4,000 Esports website members in North America, and the names, addresses, shareholder numbers, and the amount of shareholdings of 40,000 shareholders.
The potentially compromised information also included the names, dates of birth, addresses, phone numbers, email addresses, and photos of approximately 28,000 former employees and their family members as well as detailed personal information of approximately 125,000 applicants.
Capcom also believes that the Ragnar Locker hacker group gained access to sales data, business partner information, sales documents, development documents, etc., and human resources information of approximately 14,000 people. However, no payment card data was compromised as all online transactions are handled by a third-party service provider.
"In the early morning hours of November 2, 2020 after detecting connectivity issues with its internal network, Capcom shut down its systems and began investigating the situation. Capcom confirmed that this was a targeted attack against the company using ransomware, which destroyed and encrypted data on its servers," the company said in its latest update.
"The company discovered a message from a criminal organisation that calls itself Ragnar Locker, and after ascertaining that ransom money was being demanded, contacted the Osaka Prefectural Police. The company implemented protective software, shut down all suspicious transmissions, and carried out the reconstruction of the servers. It is carrying out an ongoing investigation into the information that had been saved in each of its departments based on the servers it has recovered.
"The company has already commissioned a third-party security company to inspect system issues stemming from this incident. Capcom plans to announce the results of this inspection separately, when available. Further, the company has arranged a structure of reporting and consultation with a major software company, a major security specialist vendor and law offices with extensive knowledge of system security," it said.
"Capcom would once again like to reiterate its deepest apologies for any complications or concerns caused by this incident. As a company that handles digital content, it is regarding this incident with the utmost seriousness. In order to prevent the reoccurrence of such an event, it will endeavor to further strengthen its management structure while pursuing legal options regarding criminal acts such as unauthorised access of its networks," Capcom added.
At the beginning of November, the Ragnar Locker ransomware gang also successfully targeted Italian liquor giant Campari Group and exfiltrated up to 2TB of company data that included bank statements, employee records, celebrity agreements, licensing certificates, government letters, accounting files, and agreements and contracts with importers, resellers, and distributors.
According to security researcher Pancak3 who was the first to discover the hacker group's ransom note, the Ragnar Locker gang demanded as much as $15 million from Campari Group after encrypting a majority of the company's servers located across 24 countries.