Cyberpunk 2077 Code Being Held Hostage
It seems as though CD Projekt Red just can't catch a break. The dev is still reeling from the botched launch of Cyberpunk 2077, which has resulted in more than one lawsuit. Now, CD Projekt Red has revealed in an official statement that it has been the victim of a major cyberattack.
According to the statement, an "unidentified actor" managed to hack into CD Projekt Red's secure servers and made off with plenty of internal data. What's more, this unknown party has demanded a ransom in exchange for the stolen information. Along with the company's statement on the matter, CD Projekt Red included a screenshot of the ransom email received from the hacker or hackers.
In the email, the hacker said that they had managed to steal the source code for several CD Projekt Red projects, including Cyberpunk 2077, Gwent, and an unreleased version of The Witcher 3. The hacker also claimed to have "dumped all of [CD Projekt Red's] documents related to accounting, administration, legal, HR, investor relations, and more!"
The hacker demanded that CD Projekt Red contact them within 48 hours, or else all of the stolen source code would be dumped online, while the other internal documents would be forwarded to gaming journalists. According to the hacker, the reveal of this private information would be a great blow to a company that has already reportedly lost $1 billion following the launch of Cyberpunk 2077.
Despite the scale of this cyberattack, it appears that CD Projekt Red is not planning to play by the hacker's rules. The company's statement continued, "We will not give into the demands nor negotiate with the actor, being aware that this may eventually lead to the release of compromised data."
CD Projekt Red made a point to alleviate customer fears, however. While the company has already contacted the authorities and an investigation is underway, CD Projekt Red does not at this time believe that any private customer data was stolen in the cyberattack. This particular bit may come as a significant relief for gamers, particularly considering some of the high profile data breaches that have impacted video game companies within the last year.
Back in November, Capcom fell victim to a large-scale cyberattack, with both internal company files and customer contact information being among the stolen data. Before that, over 300,000 Nintendo accounts were breached in another series of hacks. Luckily, customer payment information did not appear to have been compromised in either situation.