Japanese toy developer Capcom has revealed that it suffered a cyber attack over the weekend that affected its business, including email systems.
In a "Network Issue Notice", Capcom stated that it started having problems with its file and mail servers on the morning of November 2nd. After the authorities considered that it was a cyber attack, they stopped the operation of parts of their corporate network to prevent the spread of the attack.
"Starting in the early morning hours - on November 2, 2020, some of the Capcom Group networks faced problems which affected access to some systems, including email and file servers. The company confirmed that this was due to unauthorized access from a third party and that it has stopped some functions of its interior networks from November 2. ”
Since the attack, Capcom has been posting alerts on its website warning visitors that requests carried out either via email or through documents will not be answered due to the attack affecting email systems.
If this turns out to be a ransomware attack, which by their description is very likely, then their corporate data may have been stolen before development of the ransomware.
From 2019, ransomware gangs use a dual strategy extortion to steal unencrypted data before encrypting it Appliances. Attackers then threaten to publish this stolen data on ransomware leak sites if the ransomware is not paid ransom.
While Capcom has not stated that it is a ransomware attack, sources have told BleepingComputer that Capcom has been infected by TrickBot in August, which usually leads to attacks Ryuk ή Accounts ransomware. The REVIL ransomware company said in a recent interview that it had breached a "big toy company" and would announce it soon. It is not known if the statement relates to attack at Capcom.