Square-Enix discovered evidence of intrusion around noon (0300 GMT) on Tuesday, and potential victims were notified on Wednesday. The hackers breached an unknown number of servers that could hold data for 1M members in Japan and 800K in North America. The European servers, populated by 300K members, were untouched.
While the affected servers stored the customers' names, email addresses, postal addresses and phone numbers, thankfully, they do not have any credit card information or other identification information. Despite this, Square-Enix reps are cautioning members against possible phishing attempts, warning, "We are yet to learn whether illegal access was gained to our clients' information. But we have asked our customers to be aware of the incident in case they receive suspicious messages using our name."
This is not the first time Square-Enix had suffered an intrusion. Back in May, the email addresses of 25,000 customers as well as the resumes of 250 job applicants in a European subsidiary.