IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Capcom data breach adds another 40,000 estimated victims

The gaming company now estimates up to 390,000 have been affected

CAPCOM logo on a smartphone screen

A ransomware attack launched against gaming company Capcom last November is much worse than originally reported.

In a statement, the company behind games such as Resident Evil, Street Fighter, and DarkStalkers said the attack potentially compromised up to 390,000 users’ data - 40,000 more than the company initially thought.

Capcom discovered the data breach, which the company said impacted personal and corporate data, in early November 2019.

Initially, the company confirmed the data leak affected only nine people and estimated the total impact to be 350,000 people. In a new update, Capcom said the company has verified that the breach compromised an additional 16,406 users' personal information, bringing the number of confirmed users impacted to 16,415.

The company said its investigations were ongoing, and it's “possible that new facts may come to light going forward.”

Related Resource

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

How to manage security risk and compliance - whitepaperDownload now

“Capcom offers its sincerest apologies for any complications and concerns that this may bring to its potentially impacted customers as well as to its many stakeholders,” the statement said.

Capcom added that none of the at-risk data contains credit card information. “All online transactions etc. are handled by a third-party service provider, and as such Capcom does not maintain any such information internally,” read the statement.

The company also said the areas this attack impacted are unrelated to systems used when connecting to the internet to play or purchase the company's games online. These have continued to use an external third-party server or an external server. 

“As such, these systems have been unaffected by this ransomware attack and it is safe for Capcom customers or others to connect to the internet to play or purchase the company's games online,” the company said.

Niamh Muldoon, global data protection officer at OneLogin, told IT Pro that ransomware is the one activity that has a high direct return on investment out of all the cyber crime activities. 

“Taking the global economic environment and current market conditions into consideration cybercriminals will, of course, continue to focus on their efforts to this revenue-generating stream. Remember that your employees are your most valuable assets both from a security threat awareness perspective but to provide valuable insights into the pulse and culture of the organization so it's important to keep a close eye on the ground,” Muldoon said.

“The key message here is no one, industry or company, is exempt from the ransomware threat and it requires constant focus, assessment, and review to ensure you and your critical information assets remain safeguarded and protected against it."

Featured Resources

The Total Economic Impact™ Of Turbonomic Application Resource Management for IBM Cloud® Paks

Business benefits and cost savings enabled by IBM Turbonomic Application Resource Management

Free Download

The Total Economic Impact™ of IBM Watson Assistant

Cost savings and business benefits enabled by Watson Assistant

Free Download

The field guide to application modernisation

Moving forward with your enterprise application portfolio

Free Download

AI for customer service

Discover the industry-leading AI platform that customers and employees want to use

Free Download

Recommended

Twilio account breach result of sophisticated social engineering campaign
Security

Twilio account breach result of sophisticated social engineering campaign

9 Aug 2022
Over 200,000 DrayTek routers vulnerable to total device takeover
Security

Over 200,000 DrayTek routers vulnerable to total device takeover

3 Aug 2022
Data on 69 million Neopets users stolen and listed for sale on hacker forum
Security

Data on 69 million Neopets users stolen and listed for sale on hacker forum

21 Jul 2022
HackerOne employee fired for using position to steal bug bounties
Security

HackerOne employee fired for using position to steal bug bounties

4 Jul 2022

Most Popular

UK water supplier confirms hack by Cl0p ransomware gang
ransomware

UK water supplier confirms hack by Cl0p ransomware gang

16 Aug 2022
Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022