Bandai Namco has confirmed claims that its servers were hacked and confidential information was accessed. The publisher says it is investigating the potential leak of customer information.
Earlier this week, a ransomware group called ALPHV claimed to have “demanded a ransom from Bandai Namco” and suggested it had obtained confidential files.
Now, in a statement to VGC, the publisher of Pac-Man, Tekken and Dark Souls has confirmed that it has indeed been hacked.
“2022. On July 3, Bandai Namco Holdings Inc. confirmed that it has experienced unauthorized access by a third party to the internal systems of several of the group’s companies in the Asian regions (excluding Japan),” the statement said.
“After we confirmed the unauthorized access, we took measures such as blocking access to the servers to prevent the damage from spreading.
Furthermore, there is a possibility that customer data related to the Toys and Hobby Business in the Asian regions (excluding Japan) has been accessed on servers and computers, and we are currently identifying the existence of the leak, the extent of the damage, and investigating the causes.
We are continuing to investigate the cause of the incident, and the results of the investigation will be made public as appropriate. We will also work with external organizations to strengthen security across the group and take measures to prevent a recurrence.
We sincerely apologize to everyone involved for the complications and concerns caused by the incident.”
According to vx-underground, which bills itself as the Internet’s largest collection of malware source code, samples and documents, the ALPHV ransomware group claimed to have demanded a ransom from Bandai Namco on Monday.
Bandai Namco has confirmed it was hacked and says it’s investigating the damage. A separate problem for Bandai Namco is that the servers of the PC versions of the Dark Souls series have been down for more than 5 months due to a serious security breach.
Ransomware is a type of malicious software used by cybercriminals to extort money from victims. Criminals often block a victim’s access to their own data by encrypting files and threatening to release them publicly without paying a ransom.
It’s the latest in a string of data breaches and hacking attacks that have hit big-name game publishers in recent years.
Cyberpunk and Witcher studio CD Projekt Red suffered a ransomware attack last year, allegedly from a group called HelloKitty.
The ALPHV ransomware group is said to be behind the threat to the Japanese toy company. In June 2021, data stolen from the company was reportedly leaked online, including the source code for Cyberpunk 2077 and The Witcher 3, and possibly employee data.
Electronic Arts also suffered a major data breach last year, in which hackers stole the source code for FIFA 21 and the company’s Frostbite engine.