In November 2020, Capcom confirmed it had suffered a huge data breach, with attackers stealing hundreds of thousands of confidential records and other data, including personal information of employees and plans for future games. In an update this week, Capcom confirms that it has completed its investigation into the attack.
The fourth update confirms that Capcom's internal systems are “near to completely restored” and the company has established an “IT Security Oversight Committee”, which will help maintain security moving forward. With solutions now in place, Capcom can now be a bit more transparent with what exactly went wrong in late 2020.
According to their investigation, the attackers gained unauthorised access to servers in October 2020 by exploiting an old backup VPN device that was being used at Capcom's US offices. At the time, Capcom had introduced a new VPN but one of the old VPN devices remained active and was not shut down. This device has now been removed from the network.
After gaining access through the VPN, the attackers were then able to compromise systems both at Capcom USA and Capcom Japan, leading to over 1TB of files being stolen. In total, the information of 15,649 people was compromised – initially the number was much larger but during the course of the investigation, Capcom was able to narrow the leak down. Capcom is contacting those who were impacted and has set up support lines for those affected to ask questions.
Following the cyberattack, there was a message left behind demanding a ransom but no specific monetary amount was specified. Additionally, Capcom confirms it “took no steps to make contact”. While this concludes Capcom's internal investigation, the publisher continues to work with “relevant authorities” to pursue legal options against the attackers.
Discuss on our Facebook page, HERE.
KitGuru Says: While we often see a lot of companies failing to offer transparency when it comes to cyberattacks, Capcom has taken the opposite approach. We've had regular updates and a lot of transparency over what happened and the solutions now in place, which is excellent. More companies should look at this and handle things in a similar way.