CD Projekt hacked – hackers threaten to release source code plus accounting, legal, HR documents and more

Early this morning, CD Projekt announced that it had been the victim of a huge online attack. CD Projekt also took the unusual step of releasing the ransom note along with its own statement.

That note stated that the hackers had succeeded in copying the source code for all CD Projekt’s recent titles, including an unreleased version of The Witcher 3, potentially an updated next-gen console edition.

Even more concerning was a list of sensitive documents that the hackers threatened to release. These look to include confidential and sensitive information, which might impact not only CD Projekt but also platforms and other partners it has worked with. 

The ransom note takes a very angry tone, though it doesn’t mention any specific reason for the attack, it does mention CD Projekt’s recently battered public image, which leads us to think that the attack is related to the release of Cyberpunk 2077. The message also doesn’t make any particular demands, just that they want the company to “come to an agreement.”

The message read in full [sic]:

“Your have been EPICALLY pwned!!

We have dumped FULL copies of the source codes from your Perforce server for Cyberpunk 2077, Witcher 3, Gwent and the unreleased version of Witcher 3!!!

We have also dumped all of your documents relating to accounting, administration, legal, HR, investor relations and more! 

Also we have encrypted all of your servers, but we understand that you can most likely recover from backups. 

If we will not come to an agreement, then your source codes will be sold or leaked online and your documents will be sent to our contacts in gaming journalism. Your public image will go down the shitter even more and people will see how you shiity your company functions. Investors will lose trust in your company and the stock will dive even lower!

You have 48 hours to contact us.” 

CD Projekt in response said it had no intention of negotiating with the hackers, and instead was taking steps to mitigate the impact on itself and partners. It noted that it didn’t believe any customer data was compromised. 

“Yesterday we discovered that we have become a victim of a targeted cyber attack, due to which some of our internal systems have been compromised.

An unidentified actor gained unauthorized access to our internal network, collected certain data belonging to CD Projekt capital group, and left a ransom note the content of which we release to the public. Although some devices in our network have been encrypted our back remains intact. We have already secured our IT infrastructure and begun restoring the data. 

We will not give into the demands nor negotiate with the actor, being aware that this may eventually lead to the release of the compromised data. We are taking necessary steps to mitigate the consequences of such a release, in particular by approaching any parties that meny be addicted due to the breach. 

We are still investigating the incident , however at this time we can confirm that – to our best knowledge – the compromised systems did not contain any personal data of our players or users of our services. 

We have already approached the relevant authorities, including law enforcement and the President of the Personal Data Protection Office, as well as IT forensic specialists, and we will closely cooperate with them in order to fully investigate this incident.”

About Seth Barton

Seth Barton is the editor of MCV – which covers every aspect of the industry: development, publishing, marketing and much more. Before that Seth toiled in games retail at Electronics Boutique, studied film at university, published console and PC games for the BBC, and spent many years working in tech journalism. Living in South East London, he divides his little free time between board games, video games, beer and family. You can find him tweeting @sethbarton1.

Check Also

Activision Blizzard Logo

Former Blizzard dev and Undead Labs founder Jeff Strain calls for unionisation

"If this week does not show us that our industry colleagues — even the most entry-level QA tester — need true support and baseline protection, I can’t imagine how much worse it will have to get."