Japanese Gaming Giant Capcom, creator of popular games including Resident Evil and Street Fighter, fell victim to a ransomware hit in early November, with attackers allegedly demanding $11 million in bitcoin in exchange for not leaking illegally obtained confidential information to the public, CoinDesk Japan reported Tuesday.
In a Nov. 4 press release, Capcom said the group’s networks had come under attack in the early morning hours of Nov. 2. The attacks affected “certain systems” including email and file servers, and there was no indication any customer information was breached, the announcement said. The company is currently consulting with local law enforcement on the investigation into the attack.
Read more: Bitcoin’s Ransomware Problem Won’t Go Away
On Tuesday, Nikkei Japan reported a group calling itself “RAGNAR LOCKER” had succeeded on Nov. 9 in downloading 1 terabyte of sensitive data from Capcom, including personal information of employees and customers. In return for not leaking the information, the attackers reportedly ordered the company to contact the organization by 8:00 a.m. Japan time by Nov 11.
Japanese media organization Asahi Shimbun also reported on Nov. 9 that some of Capcom’s internal servers and computers were infected with ransomware, and certain company operations were temporarily suspended. When a network is infected with ransomware, user access is restricted. Ransomware creators then demand ransoms from affected companies and others to lift the restrictions.
Asahi’s TV news program “Hodo Station” said on Nov. 10 that cybercriminals may be demanding Capcom pay a ransom of 1.1 billion yen ($11 million) in bitcoin, CoinDesk Japan reported.
On Wednesday, The Japan Times and Nikkei Japan reported that the hacker group has released some of the illegally obtained information after Capcom failed to meet the 8:00 a.m. deadline. According to Japan Times, some content is viewable and contains images of passports.
Capcom refrained from commenting on details, but did say that it has not confirmed that any customer information leaks so far.
Update (Nov. 11, 2020, 14:36 UTC): The attackers followed through on their threat after this article was published, releasing confidential information early Wednesday.