The attack is believed to have taken place in mid-December, and may have compromised the account names, email addresses and passwords of 65,000 users. Financial information, however, is not believed to have been compromised.
Koei Tecmo posted a notice about the attack on Christmas day, stating that the website owned by its UK subsidiary Koei Tecmo Europe was targeted, and said that the perpetrator has yet to be identified. According to the company, “the possibility of it being a ransomware attack is low.”
However, according to Bleeding Computer someone has claimed responsibility for the attack on a hacker forum on December 18th. After initially attempting to sell the data, they instead leaked it for free on December 23rd.
“KOEI TECMO apologies for the concern and inconvenience this may be causing to its customers and business partners” reads the notice from Koei Tecmo. “For individuals who have had their e-mail addresses leaked, KOEI TECMO is determined to take the appropriate measures and act in good faith hereafter.
“At this point, there are no issues or problems with game development and other business endeavors. In addition, the impact of this issue is determined to be minimal in the FY2020 financial results of the KOEI TECMO group. Both KOEI TECMO and KTE will work to prevent similar issues from occurring, and further strengthen its security system while simultaneously taking strict actions against illegal acts such as unauthorized access”