Bandai Namco, one of Japan’s game publishing giants, had recently disclosed a data breach against their internal networks that compromised critical data of their customers from different Asian regions, excluding Japan.
As a well-known company that publish video games, Bandai Namco has developed and released several fan-loved games, including Dark Souls, Tekken, Elden Ring, PacMan, and Gundam, among others.
BlackCat, aka AlphVM, claimed the attack on Bandai Namco and said to have stolen the game publishing firm’s corporate and client data.
The firm’s recent statement on the incident confirmed suffering from a cyberattack on their servers that transpired last July 3. The threat operators had hacked into their internal systems from many of their offices in different Asian regions besides Japan.
Bandai Namco added that after learning of the unauthorised access to their internal network, their security team had immediately taken measures to control and mitigate the incident, including blocking access to the impacted servers to prevent the spread of the damage.
Currently, the game publishing company is undergoing an in-depth investigation into the incident to identify the leak’s status, the damage’s scope, and its cause. Since the affected network holds customers’ information within their organisations’ Asian offices aside from Japan, the firm is concerned that the hackers might have stolen critical data.
From the statement, the firm said to continue the investigation and would share findings as appropriate. Bandai Namco will also partner with external teams to help strengthen their company’s cybersecurity, including implementing proper measures to prevent the same incident from happening again. The firm also shared its apologies to everyone affected by the issue.
As of now, the BlackCat group has yet to disclose any data stolen from Bandai Namco. The researchers believe that despite the firm not providing any technical details on the attack, it may be a ransomware incident.
Security experts also expected Bandai Namco’s data to be leaked soon, especially if the threat group learns that the victimised company will not pay their ransom demands.
