Capcom has fallen victim to a cyberattack. Data held on its servers in locations across the US, Canada, and Japan has all been compromised.
The stolen information reportedly contains a lot of sensitive details relating to current and former employees of Capcom, non-disclosure agreements, and customers of Capcom.
Capcom Confirms "Unauthorized Access"
In a Capcom press release dated November 4, 2020, the company confirmed that it was suffering from email and file server problems thanks to unauthorized access to its network.
Capcom is yet to confirm any details of the security breach, but some sources are suggesting that this is a Ragnar Locker attack. During one of these attacks, hackers will infiltrate a network and then disable both the email and the database services of the infected system.
This is exactly what happened with Capcom, which it confirms in the aforementioned press release. However, further evidence has since come to light which may offer further clues as to what was taken, who took it, and how they took it.
The Capcom Attack Is Reportedly Ransomware
According to BleepingComputer, a Twitter user and infosec researcher called @pancak3lullz, located a sample of the ransomware used by the criminals to steal Capcom's data.
The information was then analyzed and it's claimed that the Ragnar Locker gang is behind the breach. It wasn't just the perpetrators of the attack that were confirmed by the security researcher.
They were able to run the sample of the Ragnar Locker ransomware and locate the ransom note left behind by the attackers. What follows is fairly typical of a ransomware attack.
The ransom note alerts whoever finds it to the fact that their security has been compromised. It also lays out the terms of the ransom. In this case, the ransom is the data stolen by the Ragnar Locker gang.
The victims of the ransomware attack, in this case, Capcom, are then directed to an encrypted live chat, usually via TOR. This means that the attackers can retain their anonymity and remain hidden from the authorities.
It's believed that the ransom figure stands at $11 million and the release of 2,000 devices that have been encrypted in the ransomware attack. The attackers have also promised to delete all of the stolen data. Whether they do or not remains to be seen.
Should You Worry About the Capcom Data Breach?
Currently, it is difficult to say whether this will affect the general public. Unfortunately, you will currently be unable to open a helpdesk ticket with Capcom as its email systems are still down. However, this is currently being dealt with by Capcom and it will presumably release information on what you need to do, if anything, when the need arises.
This attack does serve to illustrate that everyone should be careful with their online data and that even the largest companies can fall foul of malicious attacks.