Capcom has confirmed that the personal information of 16,415 people has been compromised as the result of a cyber attack last year.
In its third update following the incident, the company also explained the personal information of roughly 390,000 customers, business partners, and other external parties may have been compromised during the attack - an increase of 40,000 on its previous estimate of 350,000.
The attack itself took place in November 2020, and initially Capcom said there was no evidence that any customer information had been breached.
In a follow-up announcement, however, the publisher said the personal information of a small number of employees including names, addresses, signatures, and passport information had been compromised.
That small number has now risen to 16,415 business partners, former employees, and current employees, all of whom may have had a variety of personal information exposed.
Capcom has reiterated that none of the at-risk data contains credit card information as all online transactions ate handled by a third-party provider, and is offering support to those who have been affected by the breach.
The company added that it will continue coordinating with law enforcement authorities in Japan and the U.S. to address the situation. It also intends to work with a major IT security specialist to better understand the overall damage caused by the attack and prevent any reoccurrence, and will bolster its security moving forward.
Finally, Capcom noted that its internal systems have now largely recovered from the attack, and that business operations have returned to normal.