Capcom has confirmed that approximately 350,000 items of personal data have been compromised due to a recent cyberattack that took place earlier this month.
The company had been the target of a ransomware attack on November 2. At the time, Capcom said it had no reason to believe any customer data was breached. However, it has now confirmed in a new update that roughly 350,000 items of customer and personal data have potentially been compromised.
The information includes names, addresses, phone numbers, email addresses, photos, “HR information” and more from persons in Japan and North American. The data of eSports operations website members, names of shareholders, shareholder numbers, amount of shareholdings and family information of former employees have also been leaked.
Capcom notes that “none of the at-risk data contains credit card information. All online transactions etc. are handled by a third-party service provider, and as such Capcom does not maintain any such information internally”.
The publisher has also confirmed that the personal information of nine current and former employees has been compromised, as well as undisclosed sales reports and other financial information.
Capcom has also reassured users that the Osaka Police department have been alerted of the situation, and that the company is working together with Japanese and American authorities to determine the full scope of the hack, as well as implement sticker security measures moving forward.
The company has also confirmed that it will release more updates as the case proceeds, and urges its users to “practice an abundance of caution” moving forward.
Capcom is the latest studio to be hit by hackers, following Ubisoft and Crytek, who were targeted in October. That data breach was revealed earlier this month after ransomware group Egregor leaked Watch Dogs: Legion’s source code onto private servers, following the companies’ failure to meet their demands.