Facepalm: Remember Capcom’s ‘internal network’ breach back in November 2020? The one that exposed “no customer data”? While that could still be true, it looks like the breach was quite a bit more severe than the company initially let on. According to a press release published today, approximately 390,000 people may have had their personal information leaked in the attack.
This is an increase of approximately 40,000 people compared to Capcom’s previous damage reports, which is a significant jump. For those who are unaware, the publisher was the victim of a “customized ransomware attack,” seemingly targeted specifically at its internal network.
Capcom initially downplayed the severity of the breach, claiming that no customers were impacted. Again, that could be true, but the gaming giant is sending some mixed signals in its latest report.
In one portion of the report, Capcom claims none of its payment systems or online servers have been affected by the ransomware attack, making it “safe” for users to continue connecting to the internet to purchase or play its games.
In another area, however, it lists customers as one of the groups “potentially impacted” by the attack, so we simply don’t know how widespread the breach is at this time.
Potentially exposed information includes names, addresses, phone numbers, email addresses, and (in the case of current and former employees) HR details.
We’ll continue following up on the impact of this breach as Capcom’s investigation forges ahead. If it turns out that customers are indeed at risk, we will do our best to let you know right away.