CD Projekt Red hit with ransomware, possible data leak

CD Projekt Red keeps proving to be the gift that keeps on giving. The company’s hard fall from grace has been well documented following the rather disastrous release of Cyberpunk 2077. A game which ran poorly on 8th gen consoles despite promises to the contrary, which angered fans and and provoked investigation by the Polish government. There have also been concerns regarding working conditions at the developer. Making matters worse, the company has now been hit with a pretty significant ransomware attack.

The developer posted an official statement on Twitter saying they on February 8th, they discovered they were the victim of a targeted cyber attack that had encrypted some of their systems. However, they did note that backups remained intact and no personal data appears to have been compromised. They went on to state that they are flat out refusing to give into the demands of the attackers.

The anonymous ransom letter they received was also published.

“Hello CD Projekt. Your [sic] have been EPICALLY pwned!! We have dumped FULL copies of the source codes from your Preforce server for Cyberpunk 2077, Witcher 3, Gwent and the unreleased version of Witcher 3!”

The hackers also claimed to have gained access to accounting, administration, legal, HR, and investor related information. They admitted that the company most likely has backups that they can restore their encrypted data from. Rather, they are threatening to leak all of this data online should they not give into their demands.

Perhaps most notably, the attacker states that they plan to leak documents to their contacts in games journalism. “Your public image will go down the shitter and even more people will see how your company functions,” the attacker said in their letter.

This last line in particular has led to speculation that the hack could be an inside job. Speaking to Nintendo Life, digital privacy expert Ray Walsh said “the possibility of an inside job is of course plausible. The bad press caused by the early release of Cyberpunk 2077 in a buggy state, as well as reports that CD Projekt Red blamed its developers for the issues, could well have left a bad taste in somebody’s mouth.”

Walsh also notes that the company does indeed run a real risk of games and other data being leaked online. “It will be interesting to see how CD Projekt Red deals with this ransom attack moving forward, and whether it goes back on its initial statement and eventually does decide to pay the hackers to protect the code for Cyberpunk and a forthcoming version of The Witcher 3.”

“If game code was stolen, they run a real risk that those games will be leaked online – whether they pay or not. If the game code is released online, this would permit cracked versions of their games to proliferate online for free, as a result of which the studio could find themselves hemorrhaging profit.”

CD Projekt is the latest game publisher/developer to be hit with cyber attacks that have led to massive leaks. Both Capcom and Nintendo found themselves victims last year, which exposed gigabytes worth of unreleased games and content to the internet. It will be interesting to see how they react though. Especially if it is indeed an inside job as many suspect. At the time of writing, their 48-hours should be up. So far the company has made no further statements, nor does any data appear to have been leaked.