Japanese video game maker Capcom suffers cyberattack

Capcom's email and file servers breached by a third party

Capcom cyberattackJapanese game developer Capcom announced unauthorized access to its internal networks

One of the largest of Japan's video game makers has announced that it has was hit by a cyberattack in the early morning hours of November 2, 2020. According to a brief notice posted on the company's official website on November 4,[1] an unauthorized third party managed to access some of the internal networks, which impacted email and file servers. According to the announcement, the game developer began noticing that something was wrong after Capcom Group networks began experienced issues.

As soon as the game developer discovered the intrusion, it had to stop some of its operations on the internal networks (the action is likely to come in order to stop the cyberattack from spreading laterally):

The company has confirmed that this was due to unauthorized access carried out by a third party, and that it has halted some operations of its internal networks as of November 2.

Capcom is a Japanese video game developer established back in 1979 and since released iconic video games recognized all over the world, including Resident Evil series, Street Fighter, Monster Hunter, and many other titles. While based in Osaka, Japan, the company has a multitude of subsidiaries in Europe, the USA, and Asia.[2]

Games not affected, no customer data breached

While the video game developer had to stop some of its services in order to deal with the unauthorized access, it was also claimed that no servers that are used to provide gaming services were affected. All Capcom's websites, including the Japanese one, was also in full operation.

Other good news is that the customer information also remained untouched, despite the cyberattack affecting email and file servers. Like any other gaming company, Capcom has databases that hold a lot of personal consumer data, which, if breached, could cause serious privacy issues to users.

The cyberattack did not end up without disruptions beyond internal networks. Capcom explained that it is incapable of fulfilling requests or for documents and inquiries at the present time, as is stated on the “Contact Us” section of the official website:[3]

We are currently unable to reply to inquiries and/or to fulfill requests for documents via this form following the network issues that began November 2, 2020.
Capcom deeply regrets any inconvenience this may cause.
Please see the press release, “Notice Regarding Network Issues due to Unauthorized Access” for more details.

The company deeply apologized to the investors and whatever inconvenience this might cause them.

No information on who is behind the cyberattack on Capcom

According to the public announcement, the game developer immediately contacted the relevant law enforcement agencies and is actively working with the police to continue the investigation. It was also stated that the company will provide any news related to the incident on the website and “other means” if such new information arises as a result of the investigation insights.

While Capcom did not disclose whether it was a ransomware attack, it is widely believed to be the case. According to some sources,[4] REvil ransomware developers (ironically named after the Resident Evil game) stated that they have breached a “major gaming” company and will announce the details in a short period of time. This is yet to be confirmed.

If that is the case, Capcom would face a corporate data breach, as ransomware developers now incorporate double-extortion tactics, where they leak sensitive data and threaten to publish it publicly if such ransom demands are not met on time. Maze ransomware gang (which recently announced its retirement from the illegal business)[5] started the trend at the end of 2019, and all “Big Game Hunting” strains adapted it fairly quickly.

About the author
Gabriel E. Hall
Gabriel E. Hall - Passionate web researcher

Gabriel E. Hall is a passionate malware researcher who has been working for 2-spyware for almost a decade.

Contact Gabriel E. Hall
About the company Esolutions