Japanese game developer Capcom — creator of classic worldwide hits like Street Fighter, and Resident Evil — has been hit with a ransomware attack to its internal networks, compromising a mass of corporate intel on the company’s internal operations.
Per a notice put out on the company’s investor-facing site, Capcom first noticed the attack early Monday morning when access to certain internal networks were suddenly disrupted. Capcom confirmed that the source of the issue was due to some unauthorised prodding carried out by an external bad actor, and it halted “some operations” of these corporate networks immediately after.
The memo’s objectively light on the details of the attack, but according to a sample of the hacking software unearthed by BleepingComputer, the attack was launched by a group using Ragnar Locker ransomware, a tactic we’ve seen used against at least one major energy company and a French oceanic carrier in recent months.
While the corporate note stated that there was “no indication” that any of the company’s customers had their data breached during the attack, the ransom note buried in the sample — and sent to Capcom’s headquarters — stated that the hackers had stolen a terabyte’s worth of company intel stored on Capcom’s corporate networks in Japan, Canada, and the USA:
We have BREACHED your security perimeter and get access to every server of company’s Network in different offices located in Japan, USA, Canada.
So we has DOWNLOADED more than 1TB total volume of your PRIVATE SENSITIVE Data, including:
-Accounting files, Banking Statements, Budget and Revenue files classified as Confidential, Tax Documents
-Intellectual Property, Proprietary Business information, Clients and Employees Personal information (Such as Passports and Visa), Incidents Acts
-Corporate Agreements and Contracts, Non-Disclosure Agreements, Confidential Agreements, Sales Summaries
-Also we have your Private Corporate Correspondence, Emails and Messenger Conversations, Marketing presentations, Audit reports and a lot of other Sensitive Information
If NO Deal made than all your Data will be Published and/or Sold through an auction to any third-parties.
At the tail end of the ransom note are links to a handful of screenshots of the stolen files, which allegedly include nuggets like employee termination agreements and passports, corporate bank statements, and contractor agreements. According to BleepingComputer, the note also slides in a link to a private page containing 24 megabytes of other stolen docs, like salary spreadsheets, immigration forms, and non-disclosure agreements.
Thus far, there isn’t an indication of how much money Capcom is being asked for, but considering how one of the more recent Ragnar Locker attacks attempted to shake 10 million euros (or $US11.8 ($16) million USD), it’s worth assuming the current asking price won’t be cheap.
Capcom noted to investors that it was consulting with local police and “other related authorities” while investigating the issue, and will keep offering updates “as the facts [behind the hack] become clear.”
We’ve reached out to Capcom’s team for comment and will update when we hear back.