The publishers at Bandai Namco, known to have created some of the most played titles within the gaming industry, have announced that they have been the victims of hackers. On July 3, 2022, a data breach may have caused customer data to be stolen.
The publishers had gone on to say that they noticed unauthorized access within their internal servers when the breach occurred. Though they aren't sure about the amount of data stolen, they warn that some of their customers' confidential information may have been taken. While that isn't fully confirmed yet, the publisher openly admitted that this may be a "possibility."
Vx-underground is a group known for tracking malicious malware source codes all over the web. Earlier this week, a screenshot surfaced on Twitter from vx-underground, stating, "ALPHV ransomware group (alternatively referred to as BlackCat ransomware group) claims to have ransomed Bandai Namco." The full screenshot shows that the ALPHV ransomware group, which also goes by the name BlackCat, had been the ones behind the Bandai Namco hack.
Bandai issued a statement to VGC, stating:
“On July 3, 2022, Bandai Namco Holdings Inc. confirmed that it experienced an unauthorized access by third party to the internal systems of several Group companies in Asian regions (excluding Japan),”
They went on to also state:
"After we confirmed the unauthorized access, we have taken measures such as blocking access to the servers to prevent the damage from spreading. In addition, there is a possibility that customer information related to the Toys and Hobby Business in Asian regions (excluding Japan) was included in the servers and PCs, and we are currently identifying the status about existence of leakage, scope of the damage, and investigating the cause. We will continue to investigate the cause of this incident and will disclose the investigation results as appropriate. We will also work with external organizations to strengthen security throughout the Group and take measures to prevent recurrence.
We offer our sincerest apologies to everyone involved for any complications or concerns caused by this incident.”
For those who may not be familiar with ransomware, its a software used by hackers and cybercriminals to coerce and force victims to provide them with money. These hackers will then block the owners' access to the content that has been breached and make threats to release the content they have stolen if the said victim does not follow their instructions. This is a form of blackmail used by cybercriminals to make a hefty payout.
There have been quite a few data breaches involving large gaming publishers over the last couple of years, and Bandai is just the latest victim added to that list. We will follow this story closely and update as more information about this breach and investigation becomes available.