Alleged Capcom Ransomware Attack Reportedly Has 1 TB of Files Held Hostage

Published: November 5, 2020 2:28 PM /


Capcom ransomware attack cover

A cyberattack on Capcom was allegedly purported by a hacking group using "Ragnar Locker" tools. This Capcom ransomware attack has reportedly caused more than 1 TB of confidential data to be stolen.

Yesterday, Capcom quietly announced that it was attacked by a third party. At the time, Capcom did not specify who instigated the cyberattack or what may have been stolen, although it did mention that customer data was not likely to be affected. Now, new details have come to light which reportedly pins the attack on a group using the Ragnar Locker ransomware — and the hackers claim to have captured a lot of the company's confidential information.

Capcom ransomware attack slice

What Was Reportedly Stolen in the Capcom Ransomware Attack?

BleepingComputer reports that security researcher панкак3 has discovered who was behind the Capcom ransomware attack. According to панкак3's research, the attack was accomplished through the use of the Ragnar Locker ransomware and has resulted in more than 1 TB of information being held hostage.

"We have BREACHED your security perimeter and get access to every server of company's Network in different offices located in Japan, USA, Canada. 
So we has DOWNLOADED more than 1TB total volume of your PRIVATE SENSITIVE Data[...]" – Ransom note reportedly sent to Capcom

"Ransomware" is a class of malware that typically encrypts or captures data on digital devices in such a fashion that it cannot be retrieved without the attacker providing a code to unlock it. While judicious data backups can protect a user from permanently losing this data, there is still the possibility of private information being made public as an avenue of extortion. Simply put, a victim has to pay a ransom or face the consequences of the attack which could include the permanent loss of data or the publishing of private information.

According to the group's ransom note posted by BleepingComputer, the attack against Capcom includes information on contracts, NDAs, sales summaries, other financial information, and personal information of clients and employees. There is no mention of customer data; the personal information of "clients" may refer to companies that hired Capcom for various jobs.

The sales data, in particular, appears to be quite comprehensive. A redacted screenshot shows a spreadsheet which notes the units sold, the number of chargebacks, sales tax collected, and the total amount of revenue gained on a per-item basis. These figures include individual game sales, community market game fees, and DLC sales.

The alleged hackers in the Capcom ransomware attack are demanding that Capcom pay them an unspecified fee to get the data returned. Should Capcom not pay up, the group threatens to either sell the data via an auction or publish it publicly. We've reached out to Capcom on this matter and will update this article when we receive a response.

How do you think the Capcom ransomware attack will be resolved? Have you or someone you know been affected by ransomware? Let us know in the comments below!

Have a tip, or want to point out something we missed? Leave a Comment or e-mail us at