CD Projekt Red is the latest game company to be hit by a cyber attack. The company released a statement on Twitter this morning saying an “unidentified actor” has hacked some of its systems, and included a screenshot of the ransom note. Accessed data includes source code for some of the studio’s games, alongside internal company data. The company writes that it will not negotiate with the hacker.
“Yesterday,” the CD Projekt statement begins, “we discovered that we have become a victim of a targeted cyber attack, due to which some of our internal systems have been compromised.” The hacker’s note threatens to release source code for Cyberpunk 2077, The Witcher 3 (including an unreleased version), and Gwent, as well as release company documents “relating to accounting, administration, legal, HR, investor relations, and more.” The hacker’s note gives CD Projekt Red 48 hours to “come to an agreement,” after which the hacker threatens to leak or sell the source code and information.
CD Projekt Red writes that its backups are still intact, and that it has “secured our IT infrastructure and begun restoring the data.”
“We will not give into the demands nor negotiate with the actor, being aware that this may eventually lead to the release of compromised data,” the company writes. CD Projekt Red writes that it does not believe the breach contains personal data from players.
“We have already approached the relevant authorities, including law enforcement and the President of the Personal Data Protection Office, as well as IT forensic specialists, and we will closely cooperate with them in order to fully investigate the incident,” the company writes.
The hacker’s note threatens that releasing the data will further damage the company’s reputation, which has taken a hit since the rocky release of Cyberpunk 2077 in December.
As previously reported, Capcom’s servers were brought down last fall by “unauthorized access carried out by a third party,” with 1TB of data compromised.