Japanese video game developer Capcom Co. Ltd. has suffered a cyberattack that enabled unknown hackers to gain access to its internal emails and file servers.

The attack, discovered Nov. 2, is described only as “due to unauthorized access carried out by a third party,” halting some operations of the company’s internal networks. Capcom expressed “deepest regret” for any inconvenience caused by the hack and said it had no indication that any customer information was breached, though it didn’t deny that company information had been stolen.

What form of attack took place has not been officially confirmed, but some reports suggest it involved Ragnar Locker ransomware. According to Techoffside, the ransomware attack infected 2,000 computers across Capcom’s network and 1 terabyte of data was stolen. Those behind the attack demanded an $11 million ransom payment not to release the stolen data.

The stolen data is said to include financial documents, employee information, confidential contracts, chat logs, emails and marketing files.

Ragnar Locker ransomware was last in the news with an attack on French shipping giant CMA CGM S.A. in September. Another suspected victim of Ragnar Locker ransomware, business travel management company CWT Global B.V., was reported to have paid those behind the ransomware attack $4.5 million in August.

“This attack is not the first time we’ve observed threat actors targeting video game development organizations,” Jamie Hart, cyber threat intelligence analyst at digital risk protection provider Digital Shadows Ltd. told SiliconANGLE. “Threat actors may target companies within the video game industry due to the potential for a high payout. For example, Egregor ransomware operators targeted game developers Ubisoft and Crytek in October 2020. Additionally, Sodinokibi (REvil) ransomware operators have reportedly promised an attack targeting a very large video game developer in the future.”

Mark Kedgley, chief technology officer at information technology security and compliance software company New Net Technologies Ltd., said cybersecurity needs discipline and strategy, as well as the “full range of ‘Super Combo’ moves, including vulnerability management, system hardening and change control. Mastering all of these is essential in order to counteract the ‘End of Level Bosses’ of the hacker world, including today’s ever-present ransomware threat.”

Photo: Cabeza2000/Wikimedia Commons