Customer information potentially leaked as video gaming giant confirms cyber-attack
James Thorpe
Share this content
After much speculation, Bandai Namco has confirmed that it recently fell victim to a cyber-attack.
According to an official statement released by the major video gaming company, it “experienced an unauthorised access by a third party to the internal systems of several group companies in Asian regions (excluding Japan)”.
Bandai Namco explained that whilst the company has now put in preventative measures to stop the spread of the damage, there was a “possibility that customer information related to the Toys and Hobby Business in Asian regions (excluding Japan) was included in the servers and PCs” affected.
Though it has now been confirmed that the unauthorised access took place on 3 July 2022, there is still much speculation as to who is responsible for the breach.
According to IT Pro, initial reports suggested that ransomware group AlphV/BlackCat were behind a large ransomware attack on the company which was conducted via the method of double extortion, whereby cyber criminals covertly steal information and threaten to leak it if a ransom is not paid.
In the full statement, Bandai Namco apologised to impacted customers and said that it would be conducting a thorough investigation: “We are currently identifying the status about existence of leakage, scope of the damage and investigating the cause.
“We will continue to investigate the cause of this incident and will disclose the investigation results as
appropriate. We will also work with external organisations to strengthen security throughout the Group and take measures to prevent recurrence.
“We offer our sincerest apologies to everyone involved for any complications or concerns caused by this incident.”
Deryck Mitchelson, Field CISO at Check Point Software, told International Security Journal: “So far in 2022, we’ve already seen cybercriminals targeting every sector from governments, such as the instance in Costa Rica, to the attack on Iran’s largest steel company – and now Bandai Namco, an influential gaming company.
“What this tells us is that no one is safe, regardless of industry. Every company needs to be revisiting its security posture to keep themselves protected from the rise in threats. In this instance, if not caught, unauthorised access can lead to a much larger ransomware or even a double or treble extortion ransomware attack.
“To combat this, companies need to adopt a holistic approach to cybersecurity that takes into consideration every element of its infrastructure, including both on-premises networks and cloud, to ensure that every element and end point is secure.
“Cyber criminals are constantly shape shifting to try and evade security measures, so you need a solution that has an up to date threat intelligence resource to cope with fifth generation cyber attacks which are more sophisticated and pervasive than ever before.”