Capcom has concluded its investigation into the ransomware attack it suffered in November 2020, which led to the theft of personal information of company employees, as well as internal documents about games and projects yet to be announced. In a document, the company details how the attack happened and the new security measures it has taken.
According to its investigation, around 15,000 people had their information compromised, but none of the stolen data includes credit card information: all transactions are carried out through an external provider, on a different system.
The same applies to the data of users who connect to the Internet to buy or play the company's online games: these use another external system that was not affected by the attack, so the company affirms that it is totally safe for any user to connect to Capcom games.
Apparently, the cyberattack occurred through an old VPN (Virtual Private Network) device at Capcom's North American headquarters. By then, the entire Capcom group had already introduced a new VPN model, but because Capcom's networks were overloaded as a result of the Covid-19 pandemic, an old VPN was kept as an emergency backup in case of communication errors.
The report then goes on to detail the new measures taken to prevent future incidents, including several security systems such as a SOC (Security Operation Center) and EDR (Endpoint Detection and Response), in addition to organizing a technology security committee at the end of January 2021.
The company also explains that, on the recommendation of the security authorities, it did not establish any contact with the perpetrators of the cyberattack, who, despite leaving instructions to negotiate, never gave a figure for the ransom. Lastly, it reiterates its deepest apologies for any inconvenience or complication caused by the incident.