Bandai Namco says it was hacked, still investigating scope of damage

polygon.com:

Bandai Namco says it was hacked by a ransomware group in July, the Elden Ring and Tekken publisher confirmed Wednesday. The group, called Black Cat after the ransomware it uses, claimed responsibility for the attack, adding Bandai Namco to its list of victims.

Bandai Namco says that the hack appears to have affected its internal systems in Asia (excluding Japan) and that some customer data from its toys and hobby business may have been accessed. The publisher says it’s still investigating the extent of the hack.

“ALPHV ransomware group (alternatively referred to as BlackCat ransomware group) claims to have ransomed Bandai Namco,” malware watchdog vx-underground posted on Twitter. Black Cat, also known as ALPHV, is a notorious ransomware group that is allegedly tied to the Colonial Pipeline hack that shut down the major fuel pipeline and disrupted gas supply in the U.S. last year. The U.S. Federal Bureau of Investigations released a report on the group in April, warning that it’s “compromised at least 60 entities worldwide.”

Bandai Namco issued a statement to Eurogamer on Wednesday that the attack occurred on July 3, but has not disclosed what information has been compromised. The company’s full statement is as follows:

On 3rd July, 2022, Bandai Namco Holdings Inc. confirmed that it experienced an unauthorised access by third party to the internal systems of several Group companies in Asian regions (excluding Japan).

After we confirmed the unauthorised access, we have taken measures such as blocking access to the servers to prevent the damage from spreading. In addition, there is a possibility that customer information related to the Toys and Hobby Business in Asian regions (excluding Japan) was included in the servers