FromSoftware parent company KADOKAWA hit by major ransomware attack

There are serious vulnerabilities in KADOKAWA's security.

The Tarnished stands in the middle of Maliketh's arena in Elden Ring.
Screenshot by Dot Esports

Popular video game developer FromSoftware, known for titles like Elden Ring and Dark Souls, is facing a major security crisis after parent company KADOKAWA was hit by a crippling ransomware attack by the BlackSuit group on June 27.

Recommended Videos

According to a message posted on the dark web and shared on X (formerly Twitter) by T. Nihonmatsu this week, BlackSuit claims to have infiltrated the Japanese giant’s network nearly a month ago. The hackers allege they exploited vulnerabilities in the company’s interconnected network infrastructure, granting them access to a staggering 1.5 TB of data.

Elden Ring Shadow of Erdtree perfumer
An assortment of data was obtained by the hackers. Image via Bandai Namco

The data reportedly includes a nightmarish cocktail of sensitive information which includes employee records, user platform data, contracts, project details, and financial documents. The hacker group emphasizes the sensitive nature of this data, stating “Japanese citizens would prefer to keep data about their private lives private.” BlackSuit is threatening to leak this data on July 1 if Kadokawa doesn’t meet their ransom demands, and that current negotiations haven’t met their price expectations.

The attack has significantly disrupted KADOKAWA’s operations, impacting subsidiaries like Dwango and Niconico. While Kadokawa aims to restore services by July’s end, the full extent of the damage remains unclear.

While demanding a hefty ransom, BlackSuit also appears to be relishing the opportunity to expose KADOKAWA’s security weaknesses. The hackers have criticized the company’s I.T. department, claiming that they were slow to detect the intrusion and lacked a comprehensive understanding of network vulnerabilities. “This incident required a complete review of the network architecture, and KADOKAWA’s customers had to wait while the I.T. department reconfigured the entire network.”

BlackSuit’s message implies that if KADOKAWA doesn’t pay, the leaked data will not only damage the company’s reputation but also force them to overhaul their network security. “If data is leaked, KADOKAWA will have to change not only its network infrastructure but also its business model,” BlackSuit said.

With the July 1 deadline looming, KADOKAWA has to make a crucial decision to prevent a potential impact on the privacy of countless users.

Author
Image of Chris Angelo
Chris Angelo
Chris is a freelance writer for Dot Esports and an avid gamer with a passion for competitive shooters. His love for games began at a young age with his first console, and ever since, he's been hooked. Now, Chris enjoys sharing his knowledge and enthusiasm for the industry, hoping to ignite the same spark in others. When he's not writing, you can find him racking up hours in games like Valorant, CS2, and Apex Legends.