Capcom confirmed in November that it was the subject of a ransomware attack, which compromised a wide array of the company’s private information. The breach occurred on November 2, and on November 4 Capcom issued a press release which said “at present there is no indication that any customer information was breached”. However, the company said later in November, that some player information was among the compromised data, and today has updated the total number of potentially compromised information affects around 400,000 people.
If you’re reading this English-language news article, however, you can breathe easier. Capcom says it has no evidence that North American Capcom store and esports website information has been even possibly compromised. That was previously the only customer information outside of Japan suspected to be at risk.
However, the company has now confirmed that 16,415 people, including business partners, current employees, former employees, and their family members, have had some sort of data compromised. That’s up from nine data breaches confirmed back in November.
Capcom says a total of 390,000 people, including customers, business partners, and current and former employees and family members, are at risk for compromised data. The company says no credit card information has been compromised, as the company uses a third-party service provider and does not keep that information internally.
The attack has also compromised “sales data, business partner information, sales documents, development documents,” and more, including some information on Capcom’s upcoming releases. (Bear in mind if you come across such leaked information, however, that it’s all subject to change pending official announcements.)
Capcom says the group Ragnar Locker is behind the ransomware attack, and has been working with authorities in Japan and the US regarding the incident. The company has also brought in an outside IT security company for consultation.