Capcom acknowledges theft of customer and employee data

Capcom, the famous Japanese video game developer and distributor, has acknowledged that the Ransomware attack suffered at the beginning of the month allowed the attackers steal confidential information from customers and employees.

If you grew up in arcades or later playing video games, you will know Capcom as the creator of gaming machines or well-known gaming franchises, such as Resident Evil, Street Fighter, Devil May Cry or Mega Man, to name just a few. On November 2, Capcom suffered a cyber attack that led it to shut down parts of its network to stop the spread of the infection.

MS Recommends

Manage your company’s devices intelligently Read

It soon became known that Ragnar locker caused the cyberattack on Capcom, after a security researcher found a sample of the malware used. Capcom stated that it “had no indication that any data was stolen or that customer information had been breached.”

The statement contradicted the Ragnar Locker samples and the very approach to these types of attacks, as all human-operated ransomware operations steal unencrypted files before encrypting them and thereby extortion.

Capcom acknowledges data theft

Ten days later, Capcom has admitted the theft of data and not just confidential corporate documents, but cybercriminals also stole customer and employee data.

During the attack, the hackers gained access to the names, addresses, gender, phone numbers, email addresses, dates of birth, names of investors, number of shares and photos of clients. For employees, the exposed information could include names, addresses, passport information, signatures, dates of birth, phone numbers, photos, email addresses and other personal information.

Capcom claims that they were unable to access credit card information or payment transactions as they are processed by a third-party service provider, although it warned that the total amount of data stolen “cannot be specifically determined” due to the loss of your own internal records in the cyber attack.


From the looks of it, they were also unable to access account logins and user passwords. In either case, criminals could use the information obtained in targeted phishing attacks that attempt to steal more confidential information from employees and customers. If you receive an email from Capcom requesting confidential information, be suspicious immediately. And change the account and password for greater security.

As for Ransomware, what to tell you that you don’t already know. It continues to roam freely on global computer networks and is the industry’s leading cyber threat.