Japanese game developer Capcom has disclosed that they suffered a cyberattack over the weekend that is impacting business operations, including email systems.

Capcom is well-known for its iconic game franchises, including Street Fighter, Resident Evil, Devil May Cry, Monster Hunter, and Mega Man.

In a “Notice Regarding Network Issues,” Capcom states that they began experiencing issues with their file and mail servers on the morning of November 2nd, 2020. After determining it was a cyberattack, they halted portions of their corporate network to prevent the attack’s spread.

“Beginning in the early morning hours of November 2, 2020 some of the Capcom Group networks experienced issues that affected access to certain systems, including email and file servers. The company has confirmed that this was due to unauthorized access carried out by a third party, and that it has halted some operations of its internal networks as of November 2.”

Since the attack, Capcom has been displaying notices on its site warning visitors that emails and document requests will not be answered due to the attack impacting email systems.

Notice about email being down
Notice about email being down

The attack, though, has not “affected connections for playing the company’s games online or access to its various websites.”

Capcom states that its current investigation has not found that any customer data was stolen. Still, the company does not indicate if their corporate data was exfiltrated during the attack.

If this turns out to be a ransomware attack, which from their description is likely, then their corporate data may have been stolen before the ransomware was deployed.

Since 2019, ransomware gangs have been utilizing a double-extortion strategy of stealing unencrypted data before encrypting devices. The attackers then threaten to publicly publish this stolen data on ransomware data leak sites if a ransom is not paid.

While Capcom has not stated that this was a ransomware attack, sources have told BleepingComputer that Capcom suffered a TrickBot infection in August, which commonly lead to Ryuk or Conti ransomware attacks.

The REvil ransomware operation, named ironically after Resident Evil, stated in a recent interview that they had breached a “major gaming company” and would announce it soon. It is not known if this is related to Capcom’s cyberattack.

re-blogged from bleeping computer

Check out our Ransomware Protection Services to protect your business from these types of attacks!