Bandai Namco confirms it’s been hacked and says it’s investigating damage

Bandai Namco has confirmed claims that its servers have been hacked and confidential information has been acquired.

Earlier this week a ransomware group called ALPHV claimed to have “ransomed Bandai Namco”, suggesting it had acquired confidential files.

Now, in a statement provided to VGC, the Pac-Man, Tekken and Dark Souls publisher has confirmed that it was indeed hacked.

“On July 3, 2022, Bandai Namco Holdings Inc. confirmed that it experienced an unauthorized access by third party to the internal systems of several Group companies in Asian regions (excluding Japan),” the statement reads.

“After we confirmed the unauthorized access, we have taken measures such as blocking access to the servers to prevent the damage from spreading.

“In addition, there is a possibility that customer information related to the Toys and Hobby Business in Asian regions (excluding Japan) was included in the servers and PCs, and we are currently identifying the status about existence of leakage, scope of the damage, and investigating the cause.

“We will continue to investigate the cause of this incident and will disclose the investigation results as appropriate. We will also work with external organizations to strengthen security throughout the Group and take measures to prevent recurrence.

“We offer our sincerest apologies to everyone involved for any complications or concerns caused by this incident.”

According to vx-underground, which bills itself as the largest collection of malware source code, samples, and papers on the internet, the ALPHV ransomware group claimed to have ransomed Bandai Namco on Monday.

Ransomware is a type of malicious software used by cybercriminals to extort money from victims. Perpetrators will often block the victim’s access to their own data by encrypting their files and threatening to release them publicly unless a ransom is paid.

This is the latest in a series of data leaks and hacks involving notable game publishers in recent years.

Cyberpunk and Witcher studio CD Projekt Red suffered a ransomware attack last year, reportedly at the hands of a group called HelloKitty.

Further reading

Elden Ring publisher Bandai Namco reportedly targeted in a ransomware attack

It’s claimed the ALPHV ransomware group is behind a threat to the Japanese game company

Data stolen from the company was reportedly leaked online in June 2021, including the source code for Cyberpunk 2077 and The Witcher 3, and possibly employee details too.

Electronic Arts also suffered a significant data breach last year in which hackers stole the source code for FIFA 21 and the company’s Frostbite engine.