Bandai Namco, the publisher behind hit game Elden Ring, has suffered a hack that may have compromised customer information from users in Asia.
The Japanese video game company confirmed(Opens in a new window) the breach on Wednesday after the ransomware group ALPHV, also known as BlackCat, indicated it was about to leak information looted from Bandai Namco.
According to Bandai, the intrusion occurred on July 3 and struck internal systems at “several Group companies in Asian regions,” but outside of Japan. In response, the company began cutting access to the affected servers.
However, Bandai noted: “There is a possibility that customer information related to the Toys and Hobby Business in Asian regions (excluding Japan)” was taken from the hacked computers, which included servers and PCs.
“We are currently identifying the status about existence of leakage, scope of the damage, and investigating the cause,” the company added.
ALPHV’s website on the dark web
So far, the ransomware gang ALPHV has only listed Bandai Namco as a recent victim of its hacking activities. The gang has yet to leak any files allegedly stolen from the company on the group’s dark web site. But it may only be a matter of time before the files are posted unless Bandai agrees to pay off the hackers.
ALPHV is a relatively new ransomware group that came on the scene last year. As of March, the group has compromised at least 60 organizations across the globe, often by first stealing valuable data before encrypting the victim’s computers, according(Opens in a new window) to the FBI.
“BlackCat-affiliated threat actors typically request ransom payments of several million dollars in Bitcoin and Monero but have accepted ransom payments below the initial ransom demand amount,” the agency added.
Recommended by Our Editors
However, Bandai’s statement indicates the hack failed to hit the company’s video game business. Instead, it ensnared Bandai’s activities(Opens in a new window) with selling toys, cards, apparel and other physical products.
It remains unclear if Bandai is communicating with the hackers. The company has only said it’s working “with external organizations to strengthen security throughout the Group and take measures to prevent recurrence.”
According(Opens in a new window) to Microsoft, the ALPHV group usually attacks by exploiting remote desktop applications, compromised login credentials, and known software vulnerabilities.
Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.