Please view the main text area of the page by skipping the main menu.

Japan game firm Capcom subjected to alleged data leak by hackers seeking payout

The entrance to the headquarters of video game firm Capcom Co., which was targeted in a cyberattack, is seen in Osaka's Chuo Ward on Nov. 11, 2020. (Mainichi/Saori Moriguchi)

OSAKA -- A large quantity of documents appearing to comprise internal and personal data owned by major videogame firm Capcom Co. has been released on the internet following a cyberattack in which a group of hackers stole confidential information and held it to ransom, according to reports from individuals connected to the case.

    The group is reported to have demanded that the game maker, based in the western Japan city of Osaka's Chuo Ward, pay up in virtual currency. A deadline was set at 8 a.m. Nov. 11 (JST). The Osaka Prefectural Police have been consulted about the case, and they are proceeding with efforts to collect information on it.

    According to the individual connected to the events, the group behind the attack goes by the name "Ragnar Locker." They attacked Capcom's network and stole around a terabyte of documents that included personal data of customers and employees, and business-related information. The group announced that they were behind the raid via an online announcement on Nov. 9. In it, they demanded payment via virtual currency, and said it would delete the collected data if Capcom complied with its terms.

    On Nov. 11, the internal information from Capcom was uploaded onto the dark web, which can only be accessed using specific software. The Mainichi Shimbun engaged Tetsutaro Uehara, an associate professor at Kyoto's Ritsumeikan University and specialist in cybersecurity to obtain part of the data.

    A document from the hacker group Ragnar Locker, in which they issued threats and claimed responsibility for the theft of around a terabyte of internal information at videogame firm Capcom Co., is seen in this image provided by associate professor Tetsutaro Uehara of Ritsumeikan University.

    The documents appear to include sales figures, payroll records, images of related persons passports and internal emails, among other items. The group behind the release also left a message saying that Capcom had not cooperated with their requests. The data released so far is apparently just part of what was obtained, and the hackers are seeking further negotiations.

    On Nov. 4, Capcom announced on its official website that unauthorized access from a third party caused a system failure including on its internal email. Speaking to reporters, the company said, "We're still in the middle of an investigation, and at the present time we haven't confirmed if customer data has been leaked. We are speaking to police about the unauthorized access."

    In recent years, there have been continual instances worldwide of cybercrime groups using ransomware viruses and other means to illegally obtain confidential information from companies, and then demanding huge amounts of money in return for the data.

    (Japanese original by Yuma Hori and Saori Moriguchi, Osaka City News Department)

    Also in The Mainichi

    The Mainichi on social media