Last year, hackers were found infecting users with ransomware in the name of a fake CyberPunk Android app. Now, the Polish video game developer CD Projekt, known for games like Cyberpunk 2077, has fallen victim to a ransomware attack. Reportedly, some of the company’s internal systems were compromised during the attack.
CD Projekt Falls Victim to Cyberattack
The attackers left a ransom note threatening the company to agree or else they will sell or leak the stolen data. The company claims that the attackers took data belonging to the CD Projekt capital group and encrypted several network devices, but the backup is intact.
Cyberpunk 2077 developer confirms attack
In a tweet posted this morning, the company confirmed that it had become a victim of a ransomware attack.
CD Projekt also published a ransom note from the attackers that revealed they had accessed the source code of many high-profile games, including Gwent, Witcher 3, and Cyberpunk 2077.
Hackread.com can confirm that a hacker on a Russian language hacking forum has leaked almost 22 GB of data claiming it belongs to CD Projekt. The hacker also claims that the data was acquired in the ransomware attack and part two will be leaked soon.
The note also claimed that attackers had accessed Witcher 3’s unreleased version and some documents related to “accounting, administration, legal, HR, investor relations and more!”
CD Projekt Refuses to Negotiate
CD Projekt stated that it doesn’t intend to negotiate with the attackers. The company has collaborated with IT forensic experts to investigate the incident. Relevant authorities also have been informed about the breach.
The company also noted that it has started restoring data using the backup. CD Projekt confirms that the personal data of its service users hasn’t been compromised.
It also released an official statement claiming that it won’t give in to the attacker’s demands.
“We will not give in to the demands nor negotiate with the actor, being aware that this may eventually lead to the release of the compromised data. We are taking necessary steps to mitigate the consequences of such a release, in particular by approaching any parties that may be affected due to the breach.”