Bandai Namco does not exclude the possibility that customer data was in the servers breached by threat actors.
Japanese video game publisher Bandai Namco issued a statement confirming that a third party breached the company‘s internal systems on 3 July.
Bandai Namco is best known for publishing such iconic video games as Pac-Man, who serves as the company’s mascot. Other prominent games under the company’s brand include Elden Ring, Dark Souls, Tekken, Soulcalibur, and others.
Asia-based companies of Bandai Namco Group were affected by the intrusion. However, the company says businesses located in Japan were not affected.
“There is a possibility that customer information related to the Toys and Hobby Business in Asian regions (excluding Japan) was included in the servers and PCs, and we are currently identifying the status about existence of leakage, scope of the damage, and investigating the cause,“ reads Bandai Namco‘s statement.
While Bandai Namco does not specify what kind of attack occurred, there‘s a high chance it was a ransomware attack. According to a security research group VX-Underground, the ALPHV ransomware group, also known as BlackCat, was behind the hack. Hackers added Bandai Namco to ALPHV’s leak site on the darkweb.
ALPHV/BlackCat ransomware was first observed in late 2021. Like so many others in the criminal underworld, the group operates a ransomware-as-a-service (RaaS) business, selling criminals malware subscriptions.
ALPHV/BlackCat was noted for the use of the Rust programming language. According to an analysis by the Microsoft 365 Defender Threat Intelligence Team, threat actors that started deploying ALPHV/BlackCat were known to work with other prominent ransomware families such as Conti, LockBit, and REvil.
The FBI believes money launderers for ALPHV/BlackCat cartel are linked to Darkside and Blackmatter ransomware cartels, indicating the group has a well-established network of operatives in the ransomware business.
Lately, ALPHV/BlackCat has been among the most active ransomware gangs. According to the cybersecurity analyst ANOZR WAY, the group was responsible for approximately 12% of all attacks in 2022.
Cybersecurity firm Digital Shadows noted that the group’s activity increased by 117% last quarter. Only LockBit and Conti surpassed the group in the total number of victims breached over the second quarter of 2022.
Most recently, ALPHV/BlackCat ransomware was used to attack the University of Pisa. Threat actors demanded that the university administration pay $4.5 million for the release of encrypted data.
More from Cybernews:
Subscribe to our newsletter