News

Elden Ring Publisher Bandai Namco Reportedly Hit By Ransomware Attack

Bandai Namco, the publisher behind Elden Ring, Dark Souls, and Ace Combat, was reportedly the target of a ransomware attack earlier this month.

On Monday, it was reported by Kotaku that the ransomware group ALPHV–alternatively referred to as BlackCat–claimed to have ransomed the Japanese publisher. The news was shared on Twitter on July 11 by vx-underground, a group that monitors malware source code on the web.

ALPHV ransomware group (alternatively referred to as BlackCat ransomware group) claims to have ransomed Bandai Namco.
Bandai Namco is an international video game publisher. Bandai Namco video game franchises include Ace Combat, Dark Souls, Dragon Ball*, Soulcaliber, and more. pic.twitter.com/hxZ6N2kSxl

— vx-underground (@vxunderground) July 11, 2022

A screenshot attached shows the ALPHV ransomware blog where the group tracks its targets. It indicates Bandai is listed under the threat of “data soon” as of July 11. Following the reports, GameSpot reached out to the publisher for comment.

However, in a new statement posted today (via NME), Bandai Namco has addressed the ransomware attack, saying that customer data may be at risk.

“On July 3, 2022, Bandai Namco Holdings Inc. confirmed that it experienced an unauthorized access by third party to the internal systems of several Group companies in Asian regions (excluding Japan),” the statement reads. “After we confirmed the unauthorized access, we have taken measures such as blocking access to the servers to prevent the damage from spreading.

“In addition, there is a possibility that customer information related to the Toys and Hobby Business in Asian regions (excluding Japan) was included in the servers and PCs, and we are currently identifying the status about existence of leakage, scope of the damage, and investigating the cause.”

Bandai added that it will continue to investigate the cause of the incident and will go on to disclose the investigation results. It also plans on working with external organizations in order to “strengthen security throughout the Group and take measures to prevent recurrence.”

Comment here