Capcom details what data was compiled in cyberattack

Illustration for Capcom's description of what data was compromised in the cyberattack

Photo: Fully TRIBALLEAU / AFP (Getty Images)

As Kotaku previously reported, Capcom was killed by a cyber attack, in which a group claimed to have stolen 1TB of employee and customer data. Today, Capcom detailed what data was compromised.

In An official release, Capcom listed what the hitherto unconfirmed leaked data said “additional personal and corporate information may have been compromised in this attack.” Capcom is consulting with police and other officials.

As of 16 November, below are both verified and potentially included data.

1. Verified information was compromised

Me. Personal Information: 9 items

  • Personal information of former employees: 5 items (Name and signature: 2 items; Name and address: 1 item; Passport information: 2 items)
  • Personal information of employees: 4 items (Name and HR information: 3 items; Name and signature: 1 item)

ii. other information

  • sales report
  • financial information

2. Potentially Compromised Data

Me. Personal information (customer, business partner, etc.): Approx. 350,000 items

  • Japan: Customer Service Video Game Support Help Desk Information (about 1,38,000 items); Names, addresses, phone numbers, email addresses
  • North America: Capcom Store Member Information (approximately 14,000 items); Name, Date of Birth, Email Address
  • North America: Operations exports to website members (about 4,000 items); Name, email address, gender information
  • List of shareholders (about 40,000 items); Name, address, shareholder number, shareholding amount
  • (Including family) information of former employees (about 28,000 people); Information of applicants (about 125,000 people); Names, dates of birth, addresses, phone numbers, email addresses, photos, etc.

ii. Personal information (employees and related parties)

  • Human Resource Information (about 14,000 people)

iii. Confidential Corporate Information

  • Sales data, business partner information, sales documents, development documents, etc.

According to Capcom, credit card risks were not part of the risk data because those transactions are handled by third parties; Also, it did not have an impact on games and websites. Capcom also said that it would strengthen its online security to avoid future attacks.

The Osaka-based game maker said, “Capcom apologizes sincerely for any complexities and concerns it may potentially reach to affected customers as well as its many stakeholders.”

You can read the full release Here only, Which includes contact information for those whose data was tampered with.


Leave a Reply