Capcom Reveals Source of Last Year's Ransomware Attack

Hackers were able to gain access to Capcom’s internal servers via an old VPN device, Capcom revealed in a new update posted to the publisher’s official blog. The subsequent attack allowed hackers to make off with more than 1TB of sensitive information, including source code, planned release schedules, and other data. The attack also compromised the information of more than 15,000 people, though Capcom says no credit card information was sent. Capcom provided the helpful diagram below to show how the attack was carried out:

Capcom Hack Diagram

Capcom partly blamed the ongoing COVID-19 pandemic for the conditions leading to the ransomware attack.

According to the IT specialists, unauthorized access to the Company’s internal network was acquired in October 2020 through a cyberattack carried out on an older backup VPN (Virtual Private Network) device that had been maintained at its North American subsidiary (Capcom U.S.A., Inc.). At that time, the Capcom Group, including the North American subsidiary, had already introduced a different, new model of VPN devices; however, due to the growing burden on the Company’s network stemming from the spread of COVID-19 in the State of California, where this North American subsidiary is located, one of the aforementioned older VPN devices remained solely at this North American subsidiary as an emergency backup in case of communication issues, and it became the target of the attack. The device in question has already been removed from the network at this time.

The attack first began on November 1, 2020, with Capcom publicly announcing the event just a few days later. Former Capcom employees described being frustrated with the company’s lack of communication, calling the request for info a “one-way street.” [widget path=”global/article/imagegallery” parameters=”albumSlug=the-best-resident-evil-bosses&captions=true”] Capcom says it has since taken measures to prevent further attacks, including reverifying the safety of all VPN devices. The publisher has also reached out to those with compromised information to discuss the incident further. “Capcom would once again like to reiterate its deepest apologies for any complications or concerns caused by the incident,” Capcom wrote. “As a company that handles digital content, it is treating this incident with the utmost seriousness, and will take the appropriate action to address any requests or directions provided by law enforcement and other relevant authorities in each country.” [poilib element=”accentDivider”] Kat Bailey is IGN’s Senior News Editor.


About  A leading news channel for all things eSports and gaming. Publishing the most relevant breaking news for esports and gaming including coverage of industry trends and guides on the business of eSports and gaming for investors and aspiring eSports and gaming professionals. is a wholly owned subsidiary of Appsoft Technologies, Inc. (OTC:ASFT) a publicly traded development stage company aspiring to be a leading contender in the esports, gaming and mobile apps industry.

Appsoft Technologies, Inc.

Safe Harbor Statement

This communication may include certain statements that are not descriptions of historical facts but are forward looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. These forward-looking statements may include the description of our plans and objectives for future operations, assumptions underlying such plans and objectives, and other forward-looking terminology such as “may,” “expects,” “believes,” “anticipates,” “intends,” “projects,” or similar terms, variations of such terms or the negative of such terms. There are a number of risks and uncertainties that could cause actual results to differ materially from the forward-looking statements made herein. Such information is based upon various assumptions made by, and expectations of, our management that were reasonable when made but may prove to be incorrect. All of such  assumptions are inherently subject to significant economic and competitive uncertainties and contingencies beyond our control and upon assumptions with respect to the future business decisions which are subject to change. Accordingly, there can be no assurance that actual results will meet expectation and actual results may vary (perhaps materially) from certain of the results anticipated herein.

Other Articles

ESR Staff ArticleNewsNinjaStreamers

Leave a Reply