Bandai Namco, the Japanese video game publisher of many popular games such as Elden Ring, Dark Souls, Pac-Man, Tekken and more, on Wednesday confirmed that they suffered a cyberattack earlier this month and warned that some of their customers’ confidential data may have been stolen.
The confirmation of the breach by Bandai Namco comes after the ransomware group ALPHV, also known as BlackCat, suggested that it was about to leak information stolen from the Japanese video game company.
According to Bandai Namco, they noticed unauthorized access within the company’s internal systems for offices in Asian regions, excluding Japan on July 3, 2022. In response to the unauthorized access, the company blocked access to the affected servers to prevent more damage.
The company said in a statement that “there is a possibility that customer information related to the Toys and Hobby Business in Asian regions (excluding Japan) was included in the servers and PCs, and we are currently identifying the status about existence of leakage, scope of the damage, and investigating the cause.”
It further added, “We will continue to investigate the cause of this incident and will disclose the investigation results as appropriate.”
The ALPHV ransomware group has threatened to release the stolen data “soon” but did not provide an exact deadline. The Japanese video game publisher has declined to say whether it has received a ransom demand or if it is communicating with the hackers.
It only said, “We will also work with external organizations to strengthen security throughout the Group and take measures to prevent recurrence. We offer our sincerest apologies to everyone involved for any complications or concerns caused by this incident.”
Bandai Namco has not provided any other details regarding the cyberattack, such as the type of the cyberattack or how hackers were able to gain access to its internal systems. Also, ALPHV has not yet released any of Bandai Namco’s allegedly stolen data on the group’s dark website.
With Bandai Namco now issuing a public statement, it’s just a matter of time before the company’s data is leaked unless Bandai agrees to the ransomware demand by the hackers.
The ALPHV ransomware group, which emerged on the scene last year is considered one of the largest ransomware threats targeting the enterprise. As of March 2022, the group has breached at least 60 organizations across the world by stealing valuable data, according to the FBI.
“BlackCat-affiliated threat actors typically request ransom payments of several million dollars in Bitcoin and Monero but have accepted ransom payments below the initial ransom demand amount,” the agency added.