Elden Ring publisher hacked — customer data possibly stolen | #microsoft | #hacking | #cybersecurity


Japanese gaming giant Bandai Namco, the well-known publisher behind titles such as Dark Souls, Elden Ring, Pac-Man, and Tekken, has revealed it suffered an attack in early July that potentially exposed customer data.

In a statement to TechCrunch, the company said it detected a third party had gained unauthorised access to its systems on 3 July 2022.

It said it took measures to mitigate the event, including blocking affected servers, to “prevent the damage from spreading”.

Although it would not elaborate on the nature of the attack or how the attacker accessed its systems, it said the attacker potentially stole customer data.

“There is a possibility that customer information related to the Toys and Hobby Business in Asian regions (excluding Japan) was included in the servers and PCs, and we are currently identifying the status about existence of leakage, scope of the damage, and investigating the cause,” the company said.

TechCrunch said Bandai Namco shared the statement after the ALPHV ransomware group, also called BlackCat, added Bandai Namco to its list of victims on its dark web leak site.

The group threatened to release the stolen data “soon”, but Bandai Namco would not state whether it had demanded any ransom be paid in return for the data.

“We will continue to investigate the cause of this incident and will disclose the investigation results as appropriate,” Bandai Namco said.

“We will also work with external organisations to strengthen security throughout the Group and take measures to prevent [a] recurrence.”

Editorial credit: Michael Vi / Shutterstock.com

The latest breach follows Bandai Namco taking down Dark Souls’ multiplayer servers after a white hat hacker revealed a serious vulnerability that could allow an attacker to remotely take over a victim’s PC.

The hacker approached the company to inform them of the security issue but did not get a response.

To get their attention, the hacker interrupted a well-known Twitch streamer’s session and launched Microsoft PowerShell on his PC.

He then let a text-to-speech script pop up on his screen and mocked him.

A post on the subreddit of one of FromSoftware’s other big games — Elden Ring — revealed the flaw was a remote code execution (RCE) vulnerability that could allow malicious actors to run arbitrary code on a target’s system without their permission.

“This is a serious exploit that can cause lasting damage to your computer and all of its contents,” the post said.

Attackers who discovered the flaw could brick a user’s computer, steal login details for accounts, and deploy malware like Bitcoin miners.

A day later, Bandai Namco thanked users for reporting the issue and said it had informed a relevant internal team about it to take action.

FromSoftware has been working on the problem for more than five months, and the servers were still down at the time of publication.

Colonial Pipeline attack

The BlackCat group said they are a new incarnation of the DarkSide ransomware gang that carried out the infamous Colonial Pipeline attack in May 2021.

In that instance, the hackers gained access to the pipeline’s billing systems, forcing the company to stop operations and contain the attack.

The pipeline transports diesel, gasoline, and jet fuel from Texas to several other states, as far as New York.

With assistance from the FBI, the company paid around $4.4 million in Bitcoin to restore the system. The hackers provided a tool which helped bring the billing system back online over time.

The group is also believed to have stolen 100GB of data from the Colonial Pipeline servers the day before the ransomware attack.


Now read: Doomception — Hacker gets Doom to run inside Doom



Original Source link

Leave a Reply

Your email address will not be published.

49 − = forty six