Koei Tecmo suffers a data breach and has taken down their European and American websites soon after the stolen data was posted to a hackers forum site.
Koei Tecmo is a Japanese video game and anime company. The company includes popular games such as Hyrule Warriors, Nioh 2, Atelier Ryza, Dead or Alive etc.
The hacker claimed to have hacked into the koeitecmoeurope.com website through a spear-phishing campaign on December 18th.
The actor claims to have stolen a forum database with 65,000 users and implanted a web shell on the site for continuous access.
“There are FTP credentials on the shell I found, and I would be happy to share those with you if you bought the shell, as well as multiple Twitter secrets for their Twitter, accounts that they have,” the threat actor stated as part of their sales pitch.
According to BleepingComputer samples of stolen databases, forum members, email addresses, IP addresses, hashed passwords and salts, usernames, date of births and countries.
In a post on a hacking forum site, the threat actors were planning to sell a forum database for 0.05 bitcoins or around $1,300 and web shell access for 0.25 or roughly $6,500 on a hacking forum.
The same threat actors leaked the database for free on the same hacker forum on December 23rd.
As soon as the breach came under the limelight, Koei Tecmo took down the European (koeitecmoeurope.com)and American (https://www.koeitecmoamerica.com/) websites reading the following message:
“Due to the possibility of an external cyberattack on this website, it is temporarily offline closed as we investigate the issue.”
“Within the website operated by KTE, the “Forum” page and the registered user information (around 65,000 entries) has been determined to the data that may have been breached. The user data that may have been leaked through hacking is perceived to be the (optional) account names and related password (encrypted) and registered email address,” Koei Tecmo stated in a data breach advisory.
Koei Tecmo reported that the breach only affected the forum and not any other parts of the site. The game company also stated that there was no financial data stored in the database. The probability of it being a ransomware attack is low as there were no threats or demands to the company.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?
The post Koei Tecmo suffers data breach; stolen data exposed appeared first on SecureReading.
Více zde: ecurereading
[display-posts posts_per_page=”15″ image_size=”thumbnail” include_excerpt=”true”]