Capcom Reveals How Hackers Carried Out Last Year’s Massive Ransomware Attack – IGN

Capcom Reveals How Hackers Carried Out Last Year’s Massive Ransomware Attack – IGN

Hackers were able to gain access to Capcom’s internal servers via an old VPN device, Capcom revealed in a new update posted to the publisher’s official blog.The subsequent attack allowed hackers to make off with more than 1TB of sensitive information, including source code, planned release schedules, and other data. The attack also compromised the information of more than 15,000 people, though Capcom says no credit card information was sent.

Capcom provided the helpful diagram below to show how the attack was carried out:

Capcom partly blamed the ongoing COVID-19 pandemic for the conditions leading to the ransomware attack.

According to the IT specialists, unauthorized access to the Company’s internal network was acquired in October 2020 through a cyberattack carried out on an older backup VPN (Virtual Private Network) device that had been maintained at its North American subsidiary (Capcom U.S.A., Inc.). At that time, the Capcom Group, including the North American subsidiary, had already introduced a different, new model of VPN devices; however, due to the growing burden on the Company’s network stemming from the spread of COVID-19 in the State of California, where this North American subsidiary is located, one of the aforementioned older VPN devices remained solely at this North American subsidiary as an emergency backup in case of communication issues, and it became the target of the attack. The device in question has already been removed from the network at this time.

The attack first began on November 1, 2020, with Capcom publicly announcing the event just a few days later. Former Capcom employees described being frustrated with the company’s lack of communication, calling the request for info a “one-way street.”

The Best Resident Evil Bosses

Leave a Reply