A ransomware attack that hit online game developer Capcom on November 2 has revealed a data breach affecting roughly 350,000 individuals.
Although the preliminary report of the Ragnar Locker operation that crippled its email and file servers emphasized that customer information was not compromised, an incident update published yesterday reveals a more serious outcome.
The data breach notification released by the creator of Street Fighter, Resident Evil and Devil May Cry on November 16 confirms that personal information of customers and employees was indeed compromised in the attack.
The Ragnar Locker gang apparently managed to access a range of personal identifiable information of customers, including names, addresses, gender, phone numbers, email addresses, birth dates, investor names, amount of shareholdings and photos. The attackers were also able to view and exfiltrate data belonging to Capcom employees, including but not limited to full names, addresses, passport information, date of birth, signatures, phone numbers and email addresses.
Additional compromised data includes confidential corporate information, such as sales documents and business partner information. The full list can be seen below:
Slightly alleviating concerns of customers, Capcom points out key information that was not compromised in the attack:
“None of the at-risk data contains credit card information,” the company said. “All online transactions etc. are handled by a third-party service provider, and as such Capcom does not maintain any such information internally.”
Although it doesn”t seem that any login credentials were compromised during the attack, and the game developer confirms that “it is safe for Capcom customers or others to connect to play the company’s games online and access its websites,” users awareness and safe practices are advised.
As a precaution, online users should consider changing the password associated with their account and look out for any suspicious emails claiming to be from Capcom. Never provide personal and financial information to any individuals contacting you via any online method.
Were you a victim of a data breach? Find out with Bitdefender’s Digital Identity Protection tool.
tags
Alina is a history buff passionate about cybersecurity and anything sci-fi, advocating Bitdefender technologies and solutions. She spends most of her time between her two feline friends and traveling.
View all postsNovember 14, 2024
September 06, 2024