Bandai Namco confirms hack after Ransomware Group threatens file leak
Bandai Namco, the publisher behind the hit game Elden Ring, has been the victim of a hack that may have compromised customer information from users in Asia.
This is confirmed by the Japanese video game company(Opens in a new window) breach on Wednesday after the ransomware group ALPHV, also known as BlackCat, indicated it was about to leak information looted from Bandai Namco.
According to Bandai, the breach occurred on July 3 and affected internal systems at “several group companies in Asian regions”, but outside of Japan. In response, the company began cutting access to the affected servers.
However, Bandai noted, “There is a possibility that customer information related to the toy and hobby business in Asian regions (excluding Japan)” was obtained from the hacked computers, which included servers and PCs.
“We are currently identifying the status of the existence of the leak, the extent of the damage and investigating the cause,” the company added.
ALPHV’s website on the dark web
So far, the ransomware group ALPHV has only listed Bandai Namco as a recent victim of its hacking activities. The gang has yet to leak any files allegedly stolen from the company on the group’s dark web site. But it may only be a matter of time before the files are posted unless Bandai agrees to pay the hackers.
ALPHV is a relatively new ransomware group that hit the scene last year. As of March, the group has compromised at least 60 organizations worldwide, often by first stealing valuable data before encrypting the victim’s computers, according to(Opens in a new window) to the FBI.
“BlackCat-affiliated threat actors typically request multimillion-dollar ransoms in Bitcoin and Monero, but have accepted ransoms below the original ransom demand,” the agency added.
Recommended by our editors
However, Bandai’s statement indicates that the hack failed to affect the company’s video game business. Instead, it captured Bandai’s activities(Opens in a new window) with the sale of toys, cards, clothes and other physical products.
It is still unclear whether Bandai is communicating with the hackers. The company has only said that it is working “with external organizations to strengthen security across the group and take measures to prevent recurrence.”
According(Opens in a new window) to Microsoft, the ALPHV group typically attacks by exploiting remote desktop applications, compromised credentials, and known software vulnerabilities.
Do you like what you read?
Sign up SecurityWatch newsletter for our best privacy and security stories delivered straight to your inbox.