Capcom Details What Data Was Compromised In Cyberattack

Capcom Details What Data Was Compromised In Cyberattack
Photo: CHARLY TRIBALLEAU/AFP, Getty Images

As Kotaku previously reported, Capcom was hit by a cyberattack, with a group claiming to have stolen 1TB of employee and customer data. Today, Capcom detailed what data was compromised.

In an official release, Capcom listed what the leaked data it had confirmed so far, adding that “additional personal and corporate information may have been compromised in this attack.” Capcom has been consulting with the police and other authorities.

As of November 16, below are both the verified and potentially comprised data.

1. Information verified to have been compromised

i. Personal information: 9 items

  • Personal information of former employees: 5 items (Name & signature: 2 items; name & address: 1 item; passport information: 2 items)

  • Personal information of employees: 4 items (Name and HR information: 3 items; name & signature: 1 item)

ii. Other information

  • Sales reports

  • Financial information

2. Potentially compromised data

i. Personal information (customers, business partners, etc.): maximum of approx. 350,000 items

  • Japan: Customer service video game support help desk information (approx.134,000 items); Names, addresses, phone numbers, email addresses
  • North America: Capcom Store member information (approx. 14,000 items); Names, birthdates, email addresses
  • North America: Esports operations website members (approx. 4,000 items); Names, email addresses, gender information
  • List of shareholders (approx. 40,000 items); Names, addresses, shareholder numbers, amount of shareholdings
  • Former employees’ (including family) information (approx. 28,000 people); applicants’ information (approx. 125,000 people); Names, birthdates, addresses, phone numbers, email addresses, photos, etc.

ii. Personal information (employees and related parties)

  • Human resources information (approx. 14,000 people)

iii. Confidential corporate information

  • Sales data, business partner information, sales documents, development documents, etc.

According to Capcom, credit cards were not part of the at-risk data as those transactions are handled by a third party; moreover, its game and websites were not impacts. Capcom also stated it will strengthen its online security to avoid a future attack.

“Capcom offers its sincerest apologies for any complications and concerns that this may bring to its potentially impacted customers as well as to its many stakeholders,” the Osaka-based game maker stated.

You can read the full release right here, which includes contact info for those concerned their data was compromised.

Log in to comment on this story!