Partner Nintendo 3DS Central Social

Other Capcom Hit By Cyber Attack

Demon_Skeith

Demon_Skeith

Administrator
Staff member
Administrator
87,213
2007
4,414
Awards
30
Credits
27,402
Steal Penalty
You're Rich Money Bags Award
Profile Music
On November 2, Capcom’s servers were brought down by “unauthorized access carried out by a third party”.

As Bleeping Computer report, the group claiming responsibility for the attack say they downloaded around 1TB of data, containing everything from employee’s visa records to customer bank details to “proprietary Business information”.

Capcom, in their own statement, say “at present there is no indication that any customer information was breached”, while adding they are “consulting with the police as well as other related authorities” on both the breach and attempts to restore their servers.

Here’s Capcom’s statement in full.
 
Read an update from pushsquare and Capcom's Website:


The one underlying positive is that the publisher is confident no credit card numbers have been exposed, but this is still enormously damaging for the organisation. Unannounced plans – such as the existence of a new Ace Attorney collection for the PlayStation 4, as well as a tentative April 2021 release date for Resident Evil: Village – have also emerged online.

In fact, so comprehensive is this leak that we also now know Sony paid $5 million for Resident Evil VII: Biohazard’s exclusive PlayStation VR mode, while Google coughed up $10 million to get the survival horror series on Stadia. The worry is that the worst is yet to come, as BBC News reports that Capcom has not paid the ransom fee to retrieve the data.


Capcom's update statement:

Capcom Co., Ltd. (Capcom) announced that it has been the victim of a customized ransomware attack following unauthorized access to its network and has verified that some personal information maintained by the Capcom Group has been compromised.

Further, the company also stated that it has confirmed the possibility that additional personal and corporate information may have been compromised in this attack, which is listed in "2. Potentially compromised data" below. At present, its content development and business are operating without impediment.

Capcom offers its sincerest apologies for any complications and concerns that this may bring to its potentially impacted customers as well as to its many stakeholders.

As there is an ongoing investigation in place, it is possible that new facts may come to light going forward. Below is a general summary of what has been confirmed at this point in time (as of November 16, 2020).

1. Information verified to have been compromised

i. Personal information: 9 items
  • Personal information of former employees: 5 items
    (Name & signature: 2 items; name & address: 1 item; passport information: 2 items)
  • Personal information of employees: 4 items
    (Name and HR information: 3 items; name & signature: 1 item)
ii. Other information
  • Sales reports
  • Financial information
2. Potentially compromised data

i. Personal information (customers, business partners, etc.): maximum of approx. 350,000 items
  • Japan: Customer service video game support help desk information (approx.134,000 items)
    Names, addresses, phone numbers, email addresses
  • North America: Capcom Store member information (approx. 14,000 items)
    Names, birthdates, email addresses
  • North America: Esports operations website members (approx. 4,000 items)
    Names, email addresses, gender information
  • List of shareholders (approx. 40,000 items)
    Names, addresses, shareholder numbers, amount of shareholdings
  • Former employees' (including family) information (approx. 28,000 people);
    applicants' information (approx. 125,000 people)
    Names, birthdates, addresses, phone numbers, email addresses, photos, etc.
ii. Personal information (employees and related parties)
  • Human resources information (approx. 14,000 people)
iii. Confidential corporate information
  • Sales data, business partner information, sales documents, development documents, etc.
None of the at-risk data contains credit card information. All online transactions etc. are handled by a third-party service provider, and as such Capcom does not maintain any such information internally.

Because the overall number of potentially compromised data cannot specifically be ascertained due to issues including some logs having been lost as a result of the attack, Capcom has listed the maximum number of items it has determined to potentially have been affected at the present time.

3. Support for individuals whose personal information has been confirmed to have been compromised and those whose information has potentially been compromised

i. Action addressing personal or corporate information confirmed to have been compromised
Capcom has begun contacting individuals whose information it has verified to have been compromised to explain the background of this incident and current situation.

ii. Action addressing potentially compromised personal information
Capcom is continuing the investigation into information that has potentially been taken or compromised.
For individuals who wish to inquire about personal information that has potentially been compromised, please contact the following support desks in your country or region:
 
cm2 said:
  • Personal information of former employees: 5 items
    (Name & signature: 2 items; name & address: 1 item; passport information: 2 items)
  • Personal information of employees: 4 items
    (Name and HR information: 3 items; name & signature: 1 item)
i. Personal information (customers, business partners, etc.): maximum of approx. 350,000 items
  • Japan: Customer service video game support help desk information (approx.134,000 items)
    Names, addresses, phone numbers, email addresses
  • North America: Capcom Store member information (approx. 14,000 items)
    Names, birthdates, email addresses
  • North America: Esports operations website members (approx. 4,000 items)
    Names, email addresses, gender information
  • List of shareholders (approx. 40,000 items)
    Names, addresses, shareholder numbers, amount of shareholdings
  • Former employees' (including family) information (approx. 28,000 people);
    applicants' information (approx. 125,000 people)
    Names, birthdates, addresses, phone numbers, email addresses, photos, etc.
Click to expand...

Some really sensitive data was stolen there.
 
Hopefully, Capcom can improve it's security, so it does not get hacked again.
 
Read an update from gamesindustry biz:

With the company unsure about the security of its remote working setups, it reportedly sent an email to developers saying, "We are abandoning the remote network for the time being, and it was decided there is no choice but to come to work."

Capcom addressed the report in a statement sent to Kotaku, saying, "Capcom strives to provide a workplace environment with the utmost consideration given to the health and safety of employees.

"We have implemented both staggered work hours and telecommuting to the greatest extent possible, while carrying out best practices to prevent the spread of COVID-19, including social distancing at the office, checking employees' temperatures upon entry to the office and providing masks to all employees."

The original report also said the publisher wouldn't allow an employee union, which Capcom denied.

"While there are none currently active within the company, employees are free to form labor unions," Capcom told Kotaku. "Capcom strictly observes all relevant laws and regulations regarding employees forming labor unions.

"Capcom is committed to strictly observing all laws and regulations while furthering a working environment that prioritizes employee health, safety and peace of mind."
 
wasn't it like 350,000 people's information stolen all up?

Glad that I do not use them
 
Empire said:
wasn't it like 350,000 people's information stolen all up?

Glad that I do not use them
Click to expand...
Yeah it's quite the security breach plus their game production plans too.
 
cm2 said:
Read an update from gamesindustry biz:

With the company unsure about the security of its remote working setups, it reportedly sent an email to developers saying, "We are abandoning the remote network for the time being, and it was decided there is no choice but to come to work."

Capcom addressed the report in a statement sent to Kotaku, saying, "Capcom strives to provide a workplace environment with the utmost consideration given to the health and safety of employees.

"We have implemented both staggered work hours and telecommuting to the greatest extent possible, while carrying out best practices to prevent the spread of COVID-19, including social distancing at the office, checking employees' temperatures upon entry to the office and providing masks to all employees."

The original report also said the publisher wouldn't allow an employee union, which Capcom denied.

"While there are none currently active within the company, employees are free to form labor unions," Capcom told Kotaku. "Capcom strictly observes all relevant laws and regulations regarding employees forming labor unions.

"Capcom is committed to strictly observing all laws and regulations while furthering a working environment that prioritizes employee health, safety and peace of mind."
Click to expand...

called it.
 
You must log in or register to reply here.
Back
Top