Capcom have posted a press released stating that they were “the victim of a customized ransomware attack” and that corporate records have been stolen along with the names, addresses, phone numbers, birthdates, and email addresses of 350,000 people. No credit card or payment information was stolen.
Those affected include people who have contacted customer service in Japan, Capcom store members and Esports members in North America, their shareholders, former employees, and people who have applied to join the company. Capcom say they have “begun contacting individuals whose information it has verified to have been compromised to explain the background of this incident and current situation.”
Along with this personal data the hackers are said to have taken sales reports, financial information, development documents, and information on business partners. The mind boggles at just how one hack managed to access so many different areas of the company, clearly their internal security needs looking at.
If you think you may be one of the individuals who’s data has been compromised you can contact Capcom as below.
|Japan: Capcom Data Security Incident Support Line (Japanese only)|
|Tel. (toll-free):||Game customer inquiries||0120-400161|
|Hours: 10:00 AM – 08:00 PM|
|North America: Capcom USA Customer Support Page
|EMEA: Capcom Europe Customer Support
Here is a full breakdown of what was stolen
1. Information verified to have been compromised
i. Personal information: 9 items
- Personal information of former employees: 5 items
(Name & signature: 2 items; name & address: 1 item; passport information: 2 items)
- Personal information of employees: 4 items
(Name and HR information: 3 items; name & signature: 1 item)
ii. Other information
- Sales reports
- Financial information
2. Potentially compromised data
i. Personal information (customers, business partners, etc.): maximum of approx. 350,000 items
- Japan: Customer service video game support help desk information (approx.134,000 items)
Names, addresses, phone numbers, email addresses
- North America: Capcom Store member information (approx. 14,000 items)
Names, birthdates, email addresses
- North America: Esports operations website members (approx. 4,000 items)
Names, email addresses, gender information
- List of shareholders (approx. 40,000 items)
Names, addresses, shareholder numbers, amount of shareholdings
- Former employees’ (including family) information (approx. 28,000 people);
applicants’ information (approx. 125,000 people)
Names, birthdates, addresses, phone numbers, email addresses, photos, etc.
ii. Personal information (employees and related parties)
- Human resources information (approx. 14,000 people)
iii. Confidential corporate information
- Sales data, business partner information, sales documents, development documents, etc.
Capcom are implementing measures going forward and coordinating with law enforcement authorities in Japan and the U.S. ” It is safe for Capcom customers or others to connect to play the company’s games online and access its websites,” they add.
Capcom would once again like to reiterate its deepest apologies for any complications or concerns caused by this incident. As a company that handles digital content, it is regarding this incident with the utmost seriousness. In order to prevent the reoccurrence of such an event, it will endeavor to further strengthen its management structure while pursing legal options regarding criminal acts such as unauthorized access of its networks.