BANDAI NAMCO HD group companies may have leaked customer data due to a cyber attack

Bandai Namco HD , the parent company of Bandai Namco Entertainment , which is a game publisher such as ' ELDEN RING ' and ' Ace Combat ', received unauthorized access to multiple group companies in the Asian region excluding Japan on July 3, 2022, and customer information etc. Reported that it may have leaked. According to overseas media, it was a ransomware group called ' ALPHV (BlackCat) ' that attacked the BANDAI NAMCO Group, suggesting that it had attacked a few days before the official announcement.

Unauthorized access to our group companies in Asia excluding Japan.pdf
(PDF file)

Elden Ring Publisher Hacked, Ransomware Group Claims

Elden Ring gaming giant Bandai Namco says hackers may have stolen customer data | TechCrunch

On July 11, 2022 local time, vx-underground , a group that monitors malware source code on the web, claimed that 'ALPHV ransomware group (also known as BlackCat ransomware group) demanded a ransom from Bandai Namco. I posted it on Twitter. BANDAI NAMCO has added BANDAI NAMCO to the 'List of Data to be Published Soon' by ALPHV, but BANDAI NAMCO HD did not respond to inquiries from overseas media at this point.

And on July 13, Bandai Namco HD said, 'On July 3, 2022, we confirmed that the internal systems of multiple group companies in the Asian region excluding Japan were illegally accessed by a third party.' He issued an official statement admitting that he had been attacked by a hacker.

According to the statement, after confirming unauthorized access, measures such as blocking access to the server were taken to prevent the damage from spreading. It seems that the server or PC that received unauthorized access may have contained customer information related to the toy hobby business in the Asian region excluding Japan, and we are identifying the existence and scope of information leakage and investigating the cause. It states. Foreign media TechCrunch reports that BANDAI NAMCO HD refused to explain in detail the nature of the cyberattack, how hackers made unauthorized access, and whether they were asked for a ransom.

In a statement, BANDAI NAMCO HD said, 'We will continue to investigate the cause and announce the results of the investigation as appropriate. In addition, we will strengthen security throughout the group in cooperation with external organizations and take measures to prevent recurrence. We will continue to work on it. '

Although BANDAI NAMCO HD avoids specific mention of unauthorized access, ALPHV, which has declared that it has made an attack, is a ransomware group that has been increasing its presence in recent years. The FBI made great success in April 2022, 'ALPHV has damaged at least 60 organizations worldwide as of March 2022.' 'Rust, which is considered a secure programming language, has been used with great success. This is the first ransomware group. '

The characteristic of ALPHV is not only to encrypt the victim's data like a general ransomware group, but also to steal the data before that and threaten to 'leak the data if you do not pay the ransom'. According to a survey by a cyber security company, ALPHV has also created a new way to publish stolen data on websites that can be found by search engines, making it easier for victims to find their data. ..

A new ransomware trick that exposes personal information to ordinary websites and incites anxiety | TECH +

In recent years, cyber attacks targeting game companies have been occurring one after another, Capcom was illegally accessed in 2020 and titles scheduled to be released were leaked , and Electronic Arts (EA) was hacked in 2021 and 780 GB Source code and internal tools are now on sale.

780GB of EA hacked and stolen source code, internal tools, etc. will be sold --GIGAZINE

in Game,   Security, Posted by log1h_ik