Bandai Namco, the game publisher behind popular titles like Elden Ring, Dark Souls, and Tekken, confirmed that it was the victim of a hack. According to a report from Eurogamer, the publisher says it experienced “unauthorised access” to its “internal systems” when the breach took place on July 3rd.
Reports that Bandai Namco suffered an attack surfaced earlier this week. On Monday, vx-underground, a group that tracks malware source code across the web, posted a screenshot on Twitter showing that the group behind the ALPHV ransomware, also known as BlackCat, added Bandai Namco to its list of victims with the words “data soon.”
While Bandai Namco’s statement confirms that a hack took place, it still doesn’t indicate who was behind the attack or what kind of data the hackers managed to steal (if any). In a statement obtained by Eurogamer, Bandai Namco says hackers targeted internal systems of its companies in “Asian regions (excluding Japan)” and that it has “taken measures such as blocking access to the servers to prevent the damage from spreading.” The company adds that “there is a possibility” customer information associated with its toys and collectibles business may have been compromised as well.
According to BleepingComputer, the BlackCat ransomware group first emerged in November 2021 and has since breached over 60 companies across the world. The hackers behind BlackCat may be related to the bad actors who carried out last year’s major Colonial Pipeline breach. They recently targeted a government agency in Austria, a Swiss aviation service, and the luxury fashion brand Moncler. The BlackCat gang also started letting users search through stolen information on its site as a way to get its victims to pay up.
“We are currently identifying the status about [the] existence of [the] leakage, scope of the damage, and investigating the cause,” Bandai Namco explains. “We offer our sincerest apologies to everyone involved for any complications or concerns caused by this incident.” The Verge reached out to Bandai Namco with a request for comment but didn’t immediately hear back.