CAPCOM Shares Details of Compromised Data from Recent Cyberattack

CAPCOM logo

Game company CAPCOM was recently hit with a cyberattack from an outside source and claims to have stolen a lot of employee and customer data. The game company now gives details of what was compromised.

An official press release was shared on the official Japanese website, revealing the details of what was stolen. The game company also offered its sincerest apologies for what has happened and are cooperating with the authorities for swift action. Here are the details:

1. Information verified to have been compromised

i. Personal information: 9 items

  • Personal information of former employees: 5 items
    (Name & signature: 2 items; name & address: 1 item; passport information: 2 items)
  • Personal information of employees: 4 items
    (Name and HR information: 3 items; name & signature: 1 item)

ii. Other information

  • Sales reports
  • Financial information

2. Potentially compromised data

i. Personal information (customers, business partners, etc.): maximum of approx. 350,000 items

  • Japan: Customer service video game support help desk information (approx.134,000 items)
    Names, addresses, phone numbers, email addresses
  • North America: Capcom Store member information (approx. 14,000 items)
    Names, birthdates, email addresses
  • North America: Esports operations website members (approx. 4,000 items)
    Names, email addresses, gender information
  • List of shareholders (approx. 40,000 items)
    Names, addresses, shareholder numbers, amount of shareholdings
  • Former employees’ (including family) information (approx. 28,000 people);
    applicants’ information (approx. 125,000 people)
    Names, birthdates, addresses, phone numbers, email addresses, photos, etc.

ii. Personal information (employees and related parties)

  • Human resources information (approx. 14,000 people)

iii. Confidential corporate information

  • Sales data, business partner information, sales documents, development documents, etc.

CAPCOM clarified that none of the at-risk data contains credit card information since all online transactions and others are handled by third-party service provider. This does not make the game company hold such information internally, so that kind of information is safe.

Another source from Resetera claimed more information has been leaked and are now out in the wild. Some of the claimed leaks suggest the official release date of Resident Evil Villa, which is supposed to be on April 2021. Another is a leak about Monster Hunter Rise, which claims to be not a Switch exclusive for long. It may come to PC in October. Also, the other title Monster Hunter Stories 2 is rumored to come to PC as well sometime in June 2021.

There were other titles leaked as well like Project Gullotine, Project Reiwa, and Project Shield. All of these leaks are to be taken with a grain of salt as CAPCOM has not confirmed or denied that these details.

Sources: CAPCOM, Resetera