Photo/Illutration Capcom. Co.’s headquarters in Osaka (Asahi Shimbun file photo)

A cybercrime group that goes by the name Ragnar Locker is claiming responsibility for a ransomware attack on Capcom Co., a major video game developer.

The group said in a statement posted on its website on Nov. 9 that it made off with confidential company information from the attack.

Sources said the group is demanding a ransom of 1.1 billion yen ($10.5 million) from the Osaka-based company.

Capcom announced on Nov. 4 that it temporarily shut down its corporate networks in the early hours of Nov. 2 due to a system glitch caused by unauthorized access.

According to sources, part of its corporate servers and computers became infected with ransomware and its data was subsequently encrypted, forcing the company to temporarily suspend operations.

A company representative declined to offer details because an investigation is under way.

“We are working to keep the effects to a minimum,” the representative said.

Cybercriminal groups that employ ransomware attacks, such as Ragnar Locker, hack into the networks of companies and organizations and steal sensitive information. They then use the captured data as leverage to try to coerce the victim into paying a ransom. For example, they may threaten to release the data online.

Ragnar Locker claimed in its statement that it downloaded about a terabyte of data, including sensitive information, from the company before it encrypted Capcom’s server.

The stolen information includes the personal data of its customers and employees, information about the company’s operations and non-disclosure contracts, the criminal group said.

The group has demanded a response from Capcom by 8 a.m. on Nov. 11.

The same group has posted statements online threatening other businesses, including a major manufacturing company and a restaurant-related business, over apparently sensitive information the group managed to steal.

The attack on Capcom became known after an anonymous person abroad, who identified themselves as a security researcher, disclosed the breach.

“I have obtained the virus that (the group) apparently used in the cyberattack and have found an extortion letter and secret information,” the researcher said.

The anonymous person told The Asahi Shimbun that the group’s extortion letter demanded cryptocurrency worth about 1.1 billion yen.

But the person declined to provide details, like how they identified the virus before the cybercrime group claimed responsibility.

Ransomware attacks occur frequently, but it is rare for details of the extortion to be exposed like this.

In June, Honda Motor Co. suspended some of its production systems globally and placed restrictions on employees’ computer use due to a system glitch.

Some suspect the case to be a cyberattack from a different cybercrime group. Honda has not revealed details, including if the automobile giant was asked to pay a ransom.

(This article was written by Takeho Morita and senior staff writer Tatsuya Sudo.)

Related News