Capcom Says Personal Data of Thousands More Stolen in Ransomware Attack

Video game giant Capcom this week revealed that thousands more people than initially believed had their personal information stolen in a ransomware attack in November 2020.


Known for video games such as Devil May Cry, Monster Hunter, Resident Evil, Street Fighter, Ace Attorney and Mega Man, the Japanese company has operations in Asia, Europe, and the United States.


On November 4, the game maker announced that it detected unauthorized access to its network, and two weeks later confirmed that the attackers accessed the personal information of employees, as well as financial information, sales reports, and other business data.


The operators of the Ragnar Locker ransomware, who claimed the attack, said in November they were able to download over 1TB of data from the company.


This week, Capcom announced that its investigation into the incident revealed that the number of people who had their personal information compromised in the ransomware attack is larger than initially believed.


Specifically, the company now says that a total of 16,415 people (including 3,248 business partners, 9,164 former employees and related parties, and 3,994 employees and related parties) had their personal information stolen. Initially, Capcom said only 9 people were impacted.


Affected information includes names, physical and email addresses, phone numbers, HR information, birthdates, passport information, and the like.


The “potential maximum number of customers, business partners and other external parties” that might have been affected by the incident is of approximately 390,000 people (up roughly 40,000 people from previous estimates), Capcom says.


The company removed approximately 18,000 items of personal information from ..