A major AAA developer, CD Projekt Red has been blackmailed after having its data stolen in a cyber attack. The developer behind Cyberpunk 2077 and The Witcher series has recently had its security breached by an unknown third party outside the company.
Addressing the situation on Twitter, CDPR confirmed that the individual “collected certain data belonging to CD PROJEKT capital group and left a ransom note.” The developer also attached the note left by the individual in their response. The note states that they “have full dumps of the source codes for Cyberpunk 2077, Witcher 3, Gwent and the unreleased version of Witcher 3,” as well as “documents relating to accounting, administration, legal, HR, investor relations and more.”
While the incident is still under investigation, CDPR believe that user data has not been compromised. Which would make sense seeing as the individual seems to be attacking CDPR directly and not its users.
The individual has threatened to sell or leak the games source codes and send the documents to their contacts in gaming journalism. They believe that this will have negative effects on CDPR’s public image, cause investors to lose trust and drive their stock price lower.
CDPR has confirmed that they “will not give in to the demands nor negotiate.” Their statement confirms that the developer will take steps to mitigate the consequences in the event that the compromised data is released. The developer is also working with law enforcement, IT forensic specialists and the President of the Personal Data Protection Office.
Why Could This be Happening?
Over the past few months, CDPR has been in a number of controversies surrounding its newest release, Cyberpunk 2077. The highly anticipated game had been delayed countless times since its initial announcement and was still released in a broken state. The game even had to be refunded to anyone who purchased it on a base Xbox One or PS4. CDPR also mandated that their staff work a 6-day working week for the last few months of production. Despite delaying the game in the past to avoid forcing their staff to crunch.
While it is possible it could be an ex-staff member looking to blow the whistle on CDPR, it seems unlikely. The fact that the individual is attempting to extort the developer, as well as the immature use of the word “pwned”, it’s more likely that it’s an annoyed gamer who wasn’t a fan of Cyberpunk. And while there are a lot of reasons to be annoyed at CDPR, there’s no excuse for this behaviour.
It appears that the hacker is actually more interested in ransoming the source codes and not the documents. The source codes are valuable IP for CDPR and it would hurt the company to lose that data. The reason they mentioned the documents and hurting CDPR’s public image is to paint themselves as a vigilante helping to take down the big bad corpos plaguing us gamers.
However, the sad reality is that they simply want to extort a company for their own personal gain, while trying to make it seem like CDPR deserves it.
For more gaming news check out here
Just a gamer playing games.
I’ve always loved talking about games and the industry, so join the conversation