Capcom has confirmed today that it was the victim of a ransomware attack that has compromised employee personal information, financial data, and potentially other types of private data held by the company.
In a release today, Capcom reveals that the incident took place on November 2, 2020, and was perpetrated by an organization called Ragnar Locker, which was demanding ransom money in an attack on encrypted data on the company servers.
So far, Capcom has verified that the personal information of nine current and former employees was compromised, as well as undisclosed sales reports and other financial information.
In addition, the personal information of a maximum of approximately 350,000 business partners, former employees, and customers may have been compromised, along with the personal information of up to 14,000 current employees and related parties, and other unspecified confidential corporate information may have been compromised, though Capcom has yet to ascertain how many were impacted.
Capcom noted that none of the compromised data included credit card information.
The Osaka police were alerted to the situation, and the company is now conducting an investigation to determine the full scope of what information was compromised, as well as taken a number of measures to tighten security around its servers going forward.
Capcom concluded by confirming it was safe to connect to its games and websites, and that it would be contacting those who the company confirmed had their data compromised to inform them of the specifics of their situations.