CD Projekt says no user data was compromised “to their best knowledge” and they are working with the authorities, without heeding the hackers’ demands.

Popular game developer CD Projekt has reported themselves to have faced a ransomware attack

In the former week, the company had announced that they were experiencing security problems with the game mods in the newly released game Cyberpunk 2077.

The gaming enterprise took it to Twitter to state that the hackers had left a note in the form of a text file wherein they claimed of making copies of the CD Projekt’s internal source code, as well as the company’s HR, administration, accounting, finance, legal and investor relations documents. They have also apparently claimed that these documents will be made public if the company doesn’t “come to an agreement.” 

The organization confirms that it will “not give in to the demands nor negotiate with the hackers” and that they were mindful that it might cause the illegal publishing of the compromised data.

It seems that the hackers were well to guess that CD Projekt had backups. Their account on Twitter confirms that they have notified the law authorities and data restoration is already in the process. 

Retaliation against rushed release:

It is speculated that the ransomware attack was deployed as a payback against the release of Cyberpunk 2077 by the developers without confirming its stability status and protection against bugs. 

Version 1.1 of the game, which came out with few patches, was also observed to be having glitches and defects which affected the storyline of the game.

Screenshots of the “note” published by the company also disclosed that the ransomware attackers had claimed to encrypt all of their servers but that they acknowledged the company would “most likely recover from backups”. 

But in a move to gain more leverage, they also claim to have replicas of source codes of CD Projekt’s other games from the ‘Perforce’ server including Gwent, Witcher 3, as well as an unreleased version of Witcher 3.

Severe cybersecurity issues:

It the second time this month that CD Projekt has announced a cybersecurity issue. The previous saw the reporting of a “vulnerability in external DLL files the game uses which can be used to execute code on PCs” and that “issues will be fixed ASAP” by the game developer organization. Users were cautioned against using mods from unknown sources. 

And now, the announcement of a full-fledged ransomware attack should be creating a sense of maximized awareness amongst users that even major corporations and organizations tend to fall prey to ransomware attacks.