The developer of Cyberpunk 2077 has revealed that the data stolen during a ransomware attack earlier this year is now reportedly being circulated online.
CD Projekt Red was the victim of a “targeted cyber attack” in February 2021 that saw internal data stolen by unknown hackers, as well as some devices being encrypted (although these were later recovered through backups).
Several months on from the attack, the company now believes that its internal data stolen during the attack is now available online.
According to a ransom note published by CD Projekt Red, the hackers were able to access source codes for Cyberpunk 2077, Witcher 3, Gwent and the unreleased version of Witcher 3. In addition, they claimed to have gained access to “documents relating to accounting, administration, legal, HR, investor relations and more”.
The note concluded by saying that if the company did not pay the ransom, the stolen data would be leaked or sold online – with CD Projekt Red declaring after the attack that it would, “not give in to the demands nor negotiate with the actor.”
In a statement on its Twitter account, CD Projekt Red said that although it was not able to confirm the exact contents of the stolen data in question, details of both current and former employees and contractors may be involved, along with data related to its games.
The company added that it could not confirm whether or not the data in question may have been “manipulated or tampered with” following the breach.
CD Projekt Red says it is still working with a number of law enforcement agencies and security experts following the attack, as well as contacting Interpol and Europol. The company added that it was, “committed and prepared to take action against parties sharing the stolen data”.
“We would also like to state that – regardless of the authenticity of the data being circulated – we will do everything in our power to protect the privacy of our employees, as well as all other involved parties,” it added in an internal blog post.
The company also outlined how it has taken “multiple measures” since the breach to strenghthen its internal systems to protect against future attacks. This includes a redesign of its core IT infrastructure, new “next-generation firewalls” and remote-access systems, and an expansion of its own internal security department.