Several months ago, Capcom suffered a major data breach which not only leaked many of its upcoming projects, but potentially the personal data of their staff and customers.

Since then, Capcom has released a new update about the incident which sheds some light on the personal information that may have been unlawfully accessed. This not only includes data about Capcom’s staff and business partners, but also their customers and other external parties.

In total, Capcom estimates that a maximum of 390,000 “customers, business partners, and other external companies” may have been compromised in the attack. That said, it seems credit card and purchase information was not among the data leaked, as these are handled by a third party to Capcom.

You can read their full report here, or check out a summary below:

Capcom Co., Ltd. (Capcom) has previously confirmed that it has been the victim of a customized ransomware attack following unauthorized access to its network and has verified that some personal information maintained by the Capcom Group has been compromised.

On November 16, 2020 (JST) Capcom announced that it had verified that the personal information of 9 people had been compromised in this attack. As an update to its ongoing investigation, the company has verified that the personal information of an additional 16,406 people has been compromised, making the cumulative number since this investigation began 16,415 people. Further, the company has also ascertained that the potential maximum number of customers, business partners and other external parties etc., whose personal information may have been compromised in the attack is approximately 390,000 people (an increase of approximately 40,000 people from the previous report), the details of which are listed in “2. Potentially compromised data (updated)” below.

Capcom offers its sincerest apologies for any complications and concerns that this may bring to its potentially impacted customers as well as to its many stakeholders.

As there is an ongoing investigation in place, it is possible that new facts may come to light going forward. Below is a general summary of what new information has been confirmed at this point in time (as of January 12, 2021). Further, because the overall number of potentially compromised data cannot specifically be ascertained due to issues including some logs having been lost as a result of the attack, Capcom has listed the maximum number of items it has determined to potentially have been affected at the present time.

What do you think? Let us know in the comments.