It is really serious. Capcom is shocked to report that a huge amount of corporate data has been breached. The hackers redeemed 1,580 bitcoins, equivalent to 1.1 billion yen (about 300 million New Taiwan dollars). Now not only business secrets, but also “Evil Spirit Castle 8” and “Monsters” The confidential information of “Rise of the Hunter” has been launched on the Internet by hackers.
Capcom has notified all consumers and related parties. If you have recently received unknown emails, unknown calls and related strangers, be careful. After an urgent investigation, it was determined that this was a targeted lock-in attack. The hacker group cleverly encrypted the server’s intelligence and cleared the log, which delayed the investigation time.
Capcom has now engaged competent firms and external lawyers familiar with information security and intellectual property to assist, while at the same time hiring an external information security company to conduct an investigation and announce the results of the investigation in the follow up.
Capcom announced the latitude and longitude of the event, the following is the content
On November 2, the Capcom company internally asked for continuity of connection problems and, after preliminary understanding, the attack was ransomware that attacked the internal server and encrypted all data. A hacker organization “Ragnar Locker” who claimed to be taking action filed an amount of blackmail from Capcom and Cpacom immediately reported the case to Osaka police.
On November 4th, Capcom issued a preliminary announcement (web link). On November 12 it was confirmed that 9 personal data and some company information had leaked and the investigation was ongoing. The matter will be officially announced today November 16 (web link) (web link).
While Capcom is developing countermeasures, the hacker group, eager to ransom, launches a large confidential document on the video game version 4chan (/ v /), including the release plan between now and the second half of 2021. various details of “Evil Castle 8” and the news that “Monster Hunter: Rise” will be released in the PC version have been released on the main community sites (web links), causing an uproar.
The “Ragnar Locker” hacker group that committed the crime continues to target blocked companies, using vulnerabilities such as remote desktop protocols and hosting service providers to hack the target network and gain domain administrator rights, And then implant ransomware, etc. To steal sensitive corporate data and thus threaten the victimized company with high bitcoins as a ransom.
Undisclosed gaming intelligence of the files exposed by Capcom
1. “Evil Castle 8” regular and collector edition product information; 2021 launch is scheduled for April 2021, there will be a collector’s edition, in addition to PS5, Xbox Series X also PS4, Xbox One, including Chinese voice.
2. Google paid Capcom $ 10 million to rent “Castle of Evil 7” and “Castle of Evil 8” on the Stadia platform; Sony also paid $ 5 million for the VR version, limited-time exclusive DLC additional downloads and exclusive demo version
3. PS4 and Switch versions of “Reversal Referee 123 Chengbutang Collection” and “Reversal Referee 1 & 2” are sold separately but have original storage plans.
4. The VR version of “Evil Castle 4” is expected to launch on the Oculus platform in April 2021.
5. Netflix “Evil Castle: Endless Darkness” is expected to launch in May 2021.
6. The Switch version of “Monster Hunter: Rise” is expected to be a public trial on January 8, 2021, and the PC version is expected to go on sale in October 2021.
7. The source code of “Devil Hunter 2” and “Evil Castle: Chronicles of Umbrellas”.
8. The Code is a brand new multiplayer shooter from “SHIELD”.
Massive exposure of Capcom’s internal corporate information
It is reported that the hacker group “Ragnar Locker” announced that it has downloaded about 1 TB of data from Capcom servers, including the blocking of more than 2,000 devices within Capcom. The data covers Capcom North America, Japan, Canada, etc. And the scope of influence includes file servers, email servers, employee personal information, bank statements, confidentiality agreements, revenue statistics, customer information, shareholder information, staff information, etc. .
According to Capcom statistics, it is related to personal information …
1. 9 personal information: 5 pieces of former employees and 4 pieces of current employees, including personal name, signature, address and other staff information.
2. Customer and user data sales information can be up to 350,000pcs.
3. Approximately 134,000 transactions from the Japan Customer Service Center.
4. Approximately 14,000 information on Capcom Store members in North America.
5. About 4,000 member information on North American e-sports websites.
6. 40,000 shareholder information, including shareholder names, contact information, resigned employees who have received assignments and family information.
7. Information on previous candidates (interview or related) is approximately 125,000 pieces.
8. Approximately 14,000 personal information of employees and related parties.
Among them, the official website mall (e-Capcom, etc.) uses the external cash flow system, and the consumer’s credit card information is not affected; however, some logs have disappeared, so the number of impacts cannot be confirmed temporarily. Capcom released a statement, noting that there is no indication that customer information has leaked.
In case of doubts about this outflow incident, Capcom has opened windows in Japan and North America for consumers to inquire (web link).