CD Projekt Red victim of cyber attack!

  • 139

CD Project Red sent a Tweet into the world in which they explain how they got to be the victim of a cyber attack.

CDPR acknowledges that some of their internal servers got compromised because of the attack. Whoever got inside their systems, unauthorized, was able to collect information and data and they left a ransom note behind. It almost looks like it was a scene from a movie but this is the real deal. 

In the ransom note, the hacker claims to have dumped a variety of source code copies of Cyberpunk 2077, The Witcher 3 and even an unreleased version of The Witcher 3. The hacker also let CDPR know that they have internal information coming from their accounting branch, administration, Human Resources, investors, etc. On top of that, all the hacker claims to have encrypted the CDPR servers but they have the knowledge that backup servers are still useable to replace the encrypted servers. 

Whoever got into the servers ended the ransom note with the threat that the source codes and everything else they have into their possession will get leaked or sold to journalists who write about games in general, if an agreement could not be met. CDPR has 48 hours to respond.

In the note, there's apparently nothing said about any amounts. CDPR has to contact the hacker. But CDPR is not going to give in. That is obvious by the tone they are using in their own message on their Twitter account today. 

We will not give in to the demands nor negotiate with the actor, being aware that this may eventually lead to the release of the compromised data. We are taking necessary steps to mitigate the consequences of such a release, in particular by approaching any parties that may be affected due to the breach.

CDPR also let everybody know that they are further investigating the incident. The proper authorities got involved, including the President of the Personal Data Protection Office and IT Forensic Specialists. CDPR will let no stone unturned to get to the bottom of this.

Maybe the most important thing for their playing community is that no personal data got hacked of them, so they can rest assured that their information is not at any risk.

Replies • 51

I'm studying Cyber Security and I keep up with all the news on it. This is just going to keep happening over and over for these game companies, as well as everyone else, if more people don't start getting into the Cyber Security industry. Here in the L.A. area alone there are over 30,000 openings for Cyber Security pros and nobody to fill them. And to realize how bad it is, just in the U.S. alone, billions of dollars are lost each year to Cyber Crime, way more than just break ins or pick pocketing, etc. Just a couple of days ago, a city water department was hacked and the hackers were almost able to poison the city's water supply. One of the operators happened to notice the mouse cursor moving around the screen on one of their computers and realized they were under attack. If he hadn't turned around and noticed it, it would have been a disaster. Cyber Crime is a real threat to our world as the hackers try to bring down our infrastructure, steal our money, and yes, take down our video game companies.

Also read about it at 9 february and thought to make post about it on AWA , but then thought that here most of time posting just news about games (giveaways) or about new video cards (or comparing different versions of video cards). Good that someone made post about it , those who hacked polish company are just the last s..m , for what you are stealing information and then demanding something ? did you spend ever the same amount of time creating and developing something of your own ? respect others and do not do such meanness... this could do only hackers without any principles. (good luck to police in searching them ! also that nice hackers avenged the Polish company. Never played in games by this company and is not a Pole , but I sincerely sympathize with the game developers...

exactly week ago (on the January 28) , was celebrated the day of protection of personal information... creating n appear new robots , technologies (even more advanced video games are developed) ... but one thing remains the same it is a question of safety .. the person can create anything , but all this can be hacked and stolen...