Capcom has announced that they’ve suffered from a ransomware attack on Wednesday. While they claim that no customer data has been stolen, nor has the online play for any games been affected, the hackers known as Ragnar Locker have claimed to have taken over 1TB of information from the company encrypting 2,000 servers on their network.
A malware researcher known as pancak3 was first to confirm the attack. Pancak3 uploaded a sample of the ransomware on a malware analysis website and found a ransom note directed at Capcom.
“HELLO, CAPCOM! If you are reading this message, it means your network was PENETRATED, and all of your files and data have been ENCRYPTED by R A G N A R L O C K E R !” the message reads. It mentions that they are only willing to remove the ransomware via decrypter if they’re paid $11 million in bitcoin. They also state that the only negotiation that can occur is through a private chat, but at the time of this writing, Capcom has yet to access this chat.
Amongst the 1TB of files, Ragnar Locker claims to have: Budget and Revenue files classified as Confidential, Passports, and Visas of Capcom Employees, NDAs, Confidential Agreements, and additional sensitive information. Ragnar Locker has claimed that they will delete all stolen data if they get their ransom. But if no deal has been made, they will sell the information to rival companies via an auction.
It should be noted that most of the time, ransomware hackers do not always delete files as promised.
While Capcom has acknowledged this situation, there seems to be no officially stated plan regarding this attack. Their statement issued on Wednesday reads:
In the early morning hours of November 2, 2020, some of the Capcom Group networks experienced issues that affected access to certain systems, including email and file servers. The company has confirmed that this was due to unauthorized access carried out by a third party and that it has halted some operations of its internal networks as of November 2. Capcom expressed its deepest regret for any inconvenience this may cause to its various stakeholders. Further, it stated that at present, there is no indication that any customer information was breached. This incident has not affected connections for playing the company’s games online or accessing its various websites.
Presently, Capcom is consulting with the police and other related authorities while carrying out an investigation and taking measures to restore its systems. The company will continue to offer relevant updates as the facts become clear via its websites and other means.
This post may contain Amazon affiliate links. As an Amazon Associate Noisy Pixel earns from qualifying purchases.