Japanese game developer Koei Tecmo known for its popular PC and console games (including Nioh 2, Hyrule Warriors, Atelier Ryza, Dead or Alive, etc) has disclosed a data breach and taken their European and American websites offline after stolen data was posted to a hacker forum.
The attack is believed to have taken place in mid-December, and may have compromised the account names, email addresses and passwords of 65,000 users. Financial information, however, is not believed to have been compromised.
After learning of the leaked data, Koei Tecmo took the American (https://www.koeitecmoamerica.com/) and European (koeitecmoeurope.com) websites offline with the following message:
“Due to the possibility of an external cyberattack on this website, it is temporarily closed as we investigate the issue.”
According to Bleeding Computer someone has claimed responsibility for the attack on a hacker forum on December 18th. After initially attempting to sell the data for 0.05 bitcoins, or approximately $1,300, and web shell access for 0.25, or approximately $6,500, they instead leaked it for free on December 23rd.
In a notice published on December 25, Koei Tecmo clarified that it’s the website operated by its UK subsidiary (Koei Tecmo Europe Limited, or KTE) that was targeted, specifically its forum page and associated user information. Koei Tecmo apologised for the “concern and inconvenience” caused by the attack, and added that it will take “appropriate measures” concerning users who have had their data stolen and leaked. The company also said it will work on strengthening its security system.
Anyone who frequently pairs the same email address and password as used on the Koei Tecmo website is advised to change their credentials at other sites as soon as possible.
To check if you have an account that has been compromised in a data breach, you can subscribe to “Notify Me” service offered by HaveIBeenPwned website https://haveibeenpwned.com/