Hacker Group Claims Elden Ring Publisher Is Its Latest Victim

Bandai Namco did not immediately respond to a request for comment. Vx-underground has previously reported on other hacks, including the infamous Lapsu$ one, before the companies themselves have confirmed them. The ransomware watch group DarkFeed also shared a screenshot of BlackCat’s claimed hack earlier today. Vx-underground and DarkFeed didn’t immediately respond to a request for comment either.

BlackCat, members of which were believed to also be involved in the Colonial Pipeline hack last year, have been ramping up ransomware attacks, according to some computer security analysts as well as the FBI. Most recently, the hacks have resulted in BlackCat posting private employee data online if the victims refuse to pay up. In the past, the group has demanded millions, and targeted school districts and other public entities in addition to for-profit companies.

If legitimate, this would be just the latest in a longline of recent hacks at major gaming companies. Capcom was hit in late 2020, with several of its upcoming unannounced releases like Dragon’s Dogma 2 leaking at the time. A now famous hack of graphics chip manufacturer Nvidia ended up leaking tons of other big gaming projects like Kingdom Hearts 4. CD Projekt Red, the Polish studio behind The Witcher 3 and Cyberpunk 2077, had employee data and the source code for one of its games stolen in early 2021. Even FIFA publisher Electronic Arts was hit, with the alleged perpetrators trying to get media outlet Vice to blackmail the company on its behalf.

It’s unclear how much of the seeming uptick in security breaches is due to new techniques deployed by hackers vs. the greater challenges companies faced when moving to working from home during the global pandemic. Capcom blamed part of its vulnerability on remote work. At the same time, the blockchain network hosting crypto gaming juggernaut Axie Infinity suffered one of the most expensive hacks in history earlier this year, reportedly all because an employee fell for an elaborate phishing scheme.

Earlier this year, Bandai Namco took the servers for Dark Souls I, II, and III offline after a dangerous remote code execution (RCE) exploit was discovered.