fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Capcom: 390,000 People May Be Affected By Ransomware Data Breach

Capcom: 390,000 People May Be Affected By Ransomware Data Breach

Capcom has released a new update for their data breach investigation and state that up to 390,000 people may now be affected by their November ransomware attack.

On November 2nd, Capcom suffered a cyberattack by the Ragnar Locker ransomware operation who stated they stole 1TB of data from the company. The ransomware operation demanded an $11 million ransom in bitcoins to not release the stolen files and provide a decrypter.

Capcom ransom note created in attack

Soon after Ragnar Locker leaked Capcom’s stolen data, the company disclosed that they suffered a data breach where nine types personal information were exposed.

Also Read: How to Send Mass Email Without Showing Addresses: 2 Great Workarounds

In an update to the investigation released today, Capcom states that they have confirmed 16,415 people whose personal information was exposed, with a possible total number of affected people to be 390,000.

“As an update to its ongoing investigation, the company has verified that the personal information of an additional 16,406 people has been compromised, making the cumulative number since this investigation began 16,415 people.”

“Further, the company has also ascertained that the potential maximum number of customers, business partners, and other external parties etc., whose personal information may have been compromised in the attack is approximately 390,000 people,” Capcom’s latest update reveals.

For the confirmed 16,406 people, Capcom states the exposed data could be a mix of names, addresses, phone numbers, HT information, and email addresses.

i. Personal Information16,406 people *cumulative total since investigation began: 16,415 peopleBusiness partners, etc.: 3,248 people
At least one of the following: name, address, phone number, email address, etc.Former employees and related parties: 9,164 people
At least one of the following: name, email address, HR information, etc.Employees and related parties: 3,994 people
At least one of the following: name, email address, HR information, etc.
ii. Other InformationSales reports, financial information, game development documents, other information related to business partners

Capcom has provided the following estimates of additional people that may have been breached.

i. Personal InformationApplicants: approx. 58,000 people
At least one of the following: name, address, phone number, email address, etc.*Cumulative maximum number of potentially compromised data for customers,
business partners and other external parties: 390,000 people*Regarding the cumulative maximum number of potentially compromised data above: as part of its ongoing investigation, Capcom has determined that it currently does not see evidence for the possibility of data compromise for the approximate 18,000 items of personal information from North America (Capcom Store member information and esports operations website members) that the company included in its November 16, 2020 announcement. As such, these have been removed from this cumulative maximum number of potentially compromised data.

When ransomware operations perform their attacks, they steal almost all of the files and databases that they can get their hands on.

BleepingComputer has been told by ransomware gangs that they save more valuable data for online auctions or to use in further attacks. This means that the data that was leaked may not be all of the data that they stole.

Also Read: How a Smart Contract Audit Works and Why it is Important

Therefore, it is safer to assume that your data was breached during the attack and be on the lookout for targeted phishing attacks. While there is no indication that passwords were exposed, it is also advised that you change your Capcom password, and if used at other sites, change them there as well.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us