Japanese publisher Koei Tecmo announced over the Christmas holiday that some personal data of 65,000 users of its English-language site has been hacked, prompting the company to take its US and UK sites offline for now.
“On the website operated by KTE, the ‘Forum’ page and the registered user’s information (approximately 65,000 entries) were determined for data that may have been breached,” announced Koei Tecmo in a press release on December 25, first reported in in BleepingComputer. “User data that may have been leaked through hacking is perceived as the account names (optional) and the related password (encrypted) and / or registered email address.”
The editor – who is responsible for Dynasty Warrior series including several Musou spin-offs and the recent Hyrule Warriors: Age of Calamity—wrote that the hack appeared to be isolated on the forum pages and did not contain any credit card information. Koei Tecmo added that it still does not know who launched the cyber attack and that it believes that the likelihood of the leaks being related to a ransomware attack is low.
In addition to reporting the data breach to the EU’s General Data Protection Regulation (GDPR), the editor also temporarily closed the US and UK websites. “Due to the possibility of a cyber attack outside this site, it is temporarily closed while we investigate the problem,” says a single line of text that appears when you try to visit the Koei Tecmo America website.
Unlike the recent extensive cyber attack on Capcom in November, which affected corporate information, such as sales reports and development documents, this data breach appears to be isolated in players’ emails and passwords.
G / O Media can receive a commission
“Koei Tecmo apologizes for the concern and inconvenience this may cause to its customers and business partners,” wrote the publisher in its press release. “For individuals who have had their email addresses leaked, Koei Tecmo is determined to take appropriate action and act in good faith in the future.”
Koei Tecmo did not immediately respond to a request for comment.
Correction: the post was updated to reflect that the news of the data breach was first reported by the data security website BleepingComputer.