Capcom Releases Official Statement After Cyberattack, Apologizes For Customer Information Leak
Capcom addresses cyber attack
News by Grayshadow on Nov 17, 2020
Recently Capcom had a massive breach of information. With cybercriminals hacking into Capcom's servers and stealing a lot of sensitive information including customer data. Capcom stated back on November 4th “There is no indication that any customer information was breached” the results of an investigation as of November 16th proved otherwise. With Capcom customers and business partners possibly leaked.
The leak includes phone numbers, addresses, emails, dates of births, gender, and names. The list does not include passwords or credit card information.
1. Information verified to have been compromised
i. Personal information: 9 items
- Personal information of former employees: 5 items
(Name & signature: 2 items; name & address: 1 item; passport information: 2 items)- Personal information of employees: 4 items
(Name and HR information: 3 items; name & signature: 1 item)
2. Other information
Sales reports
Financial information
2. Potentially compromised data
i. Personal information (customers, business partners, etc.): maximum of approx. 350,000 items
- Japan: Customer service video game support help desk information (approx.134,000 items)
Names, addresses, phone numbers, email addresses- North America: Capcom Store member information (approx. 14,000 items)
Names, birthdates, email addresses- North America: Esports operations website members (approx. 4,000 items)
Names, email addresses, gender information- List of shareholders (approx. 40,000 items)
Names, addresses, shareholder numbers, amount of shareholdings- Former employees' (including family) information (approx. 28,000 people);
applicants' information (approx. 125,000 people)
Names, birthdates, addresses, phone numbers, email addresses, photos, etc.ii. Personal information (employees and related parties)
- Human resources information (approx. 14,000 people)
iii. Confidential corporate information
- Sales data, business partner information, sales documents, development documents, etc.
3. Support for individuals whose personal information has been confirmed to have been compromised and those whose information has potentially been compromised
i. Action addressing personal or corporate information confirmed to have been compromised
Capcom has begun contacting individuals whose information it has verified to have been compromised to explain the background of this incident and current situation.
Capcom explained the attack was due to unauthorized access to its internal servers and was discovered on November 2nd. They shut down the servers to minimize risk and have requested help from a cybersecurity company. This includes The Osaka Prefecture Police Department, the General Data Protection Regulation in Europe, and the Personal Information Protection Commission in Japan.
Capcom stated the attack was made to order ransomware to target Capcom, making it difficult to investigate. Capcom has addressed concerns and stated it'll take the necessary steps to ensure this does not happen again.
Adam Siddiqui,
Managing Editor, NoobFeed
Twitter | YouTube | Facebook
Contributor, NoobFeed
Related News
No Data.