Ransomware that was used to target the energy company EDP as well as a major French oceanic carrier is now involved in an attack on the Japanese game developer Capcom. In an official statement, the company says that the issue became evident on November 2, when "some of the Capcom Group networks experienced issues that affected access to certain systems, including email and file servers."
The "unauthorized access" turned out to be by a third-party attacker. "Capcom expressed its deepest regret for any inconvenience this may cause to its various stakeholders. Further, it stated that at present there is no indication that any customer information was breached. This incident has not affected connections for playing the company's games online or access to its various websites," the company added.
What happens now — At this moment, Capcom notes that it is in contact with law enforcement authorities as well as cybersecurity analysts to conduct a full probe into the attack. The creator of classics like Street Fighter and Resident Evil doesn't mention this particular detail but it has since been emphasized by Gizmodo: attackers were able to extract an estimated one terabyte of data related to the company's intel on networks used in Japan but also Canada and the United States.
Although Capcom has yet to confirm this, Kotaku notes that the attacker memo included claims of accessing "accounting files, banking statements, budget, and revenue files" as well as "intellectual property, proprietary business information, clients, and employees information [such as visas and passports]," and other sensitive data like non-disclosure agreements, contracts, sales summaries. At the end of the note, the hackers note that if "no deal [is] made" then the information will be auctioned to third parties.
Capcom does not mention the threat nor the extent of the damage. "The company will continue to offer relevant updates as the facts become clear via its websites and other means."
Ransomware attacks have increased by 109 percent since the COVID-19 pandemic began, in some cases, breaches are disguised as conventional system tasks, some COVID-19 tracker apps have even carried ransomware without the knowledge of users.
These attacks won't lessen anytime soon. But in the meanwhile, there are some steps you can take to lessen the chances of being exploited. You can protect your information by verifying the legitimacy of programs and apps you use, for example. Plus, creating backups of your files that only you have access to isn't a bad idea either, because if your data is then compromised and you can refuse ransom demands with confidence.