{ "id": "2f280180-72a8-4ac6-a769-645adb24bdab", "created_at": "2026-04-06T00:16:53.600325Z", "updated_at": "2026-04-10T03:30:57.056321Z", "deleted_at": null, "sha1_hash": "f731cd6499600cef22a73bf938b83eca101e076d", "title": "Capcom quietly discloses cyberattack impacting email, file servers", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 46222, "plain_text": "Capcom quietly discloses cyberattack impacting email, file servers\r\nBy Written by\r\nArchived: 2026-04-05 16:19:19 UTC\r\nUpdate 14.46pm GMT: ZDNet has learned that the security incident may be due to a Ragnar Locker ransomware\r\ninfection. \r\nCapcom has disclosed a cyberattack that impacted the company's operations over the weekend. \r\nSecurity\r\nThe Osaka, Japan-based video game developer said in a notice dated November 4 that two days prior, beginning\r\nin the early morning, \"some of the Capcom Group networks experienced issues that affected access to certain\r\nsystems\" due to a cyberattack. \r\nEmail and file servers were impacted. \r\nSee also: Marriott fined £18.4 million by UK watchdog over customer data breach\r\nCapcom has described the attack as \"unauthorized access\" conducted by a third-party. As the security incident\r\ntook place, the company stopped some operations on its internal networks, likely to prevent the cyberattack from\r\nspreading further and potentially compromising additional corporate resources. \r\nCapcom claims that there is \"no indication\" that customer information has been accessed or compromised; at least,\r\nat this stage. \r\n\"This incident has not affected connections for playing the company's games online or access to its various\r\nwebsites,\" the company said. \"Capcom expressed its deepest regret for any inconvenience this may cause to its\r\nvarious stakeholders.\"\r\nCNET: Election still too close to call: How to spot misinformation while you wait for results\r\nAt the time of writing, Capcom says it is \"unable to reply to inquiries and/or to fulfill requests for documents\"\r\nmade through the investor relations contact form.\r\nThe game developer is currently working toward restoring its systems and has reported the cyberattack to law\r\nenforcement. \r\nTechRepublic: It's an urgent plea this Election Day: Don't click on ransomware disguised as political ads\r\nhttps://www.zdnet.com/article/capcom-quietly-discloses-cyberattack-impacting-email-file-servers/\r\nPage 1 of 2\n\nCapcom has not revealed any further details relating to the attack, but the company is not the only game developer\r\ntargeted this year. In October, Ubisoft and Crytek were the victims of the Egregor ransomware gang, which\r\nattempted to extort a ransomware payment from the firms on the threat of the public release of proprietary data\r\nstolen during attacks. \r\nEgregor is an active ransomware group believed to be responsible for cyberattacks against GEFCO and Barnes \u0026\r\nNoble. Researchers from Malwarebytes suspect that past affiliates of the Maze ransomware group -- now retired\r\nfrom the scene -- are now turning to Egregor as an alternative. \r\nUpdate 14.46pm GMT: ZDNet has learned that the security incident may be due to a Ragnar Locker ransomware\r\ninfection. Ragnar Locker, associated with an attack on energy company EDP in July, is a ransomware variant of\r\nwhich some operators deploy in virtual machines (VMs) to avoid detection. The ransomware is generally used\r\nagainst corporate targets. \r\ncapcom.png\r\nZDNet\r\nZDNet has sent Capcom a request for comment and will update if we hear back. \r\nPrevious and related coverage\r\nToy maker Mattel discloses ransomware attack\r\nToday's 'mega' data breaches now cost companies $392 million to recover from\r\n23,600 hacked databases have leaked from a defunct 'data breach index' site\r\nHave a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0\r\nEditorial standards\r\nSource: https://www.zdnet.com/article/capcom-quietly-discloses-cyberattack-impacting-email-file-servers/\r\nhttps://www.zdnet.com/article/capcom-quietly-discloses-cyberattack-impacting-email-file-servers/\r\nPage 2 of 2", "extraction_quality": 1, "language": "EN", "sources": [ "Malpedia" ], "references": [ "https://www.zdnet.com/article/capcom-quietly-discloses-cyberattack-impacting-email-file-servers/" ], "report_names": [ "capcom-quietly-discloses-cyberattack-impacting-email-file-servers" ], "threat_actors": [ { "id": "f9806b99-e392-46f1-9c13-885e376b239f", "created_at": "2023-01-06T13:46:39.431871Z", "updated_at": "2026-04-10T02:00:03.325163Z", "deleted_at": null, "main_name": "Watchdog", "aliases": [ "Thief Libra" ], "source_name": "MISPGALAXY:Watchdog", "tools": [], "source_id": "MISPGALAXY", "reports": null } ], "ts_created_at": 1775434613, "ts_updated_at": 1775791857, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/f731cd6499600cef22a73bf938b83eca101e076d.pdf", "text": "https://archive.orkl.eu/f731cd6499600cef22a73bf938b83eca101e076d.txt", "img": "https://archive.orkl.eu/f731cd6499600cef22a73bf938b83eca101e076d.jpg" } }