Ransomware attack: ‘Cyberpunk 2077’ developer CD Projekt Red says February breach may have included employees’ information
The list of big companies falling victims to massive ransomware attacks worldwide is growing, and “Cyberpunk 2077” developer CD Projekt Red had been part of it earlier this year. The studio has now provided an update suggesting that the February breach may have included the information of their employees and contractors.
While the gaming industry and fans are all eyes on the Summer Game Fest and upcoming E3 presentations, CD Projekt Red comes out with an update on the ransomware attack it experienced earlier this year. The studio posted an update on Twitter on Thursday that reads, “We are not able to confirm the exact contents of the data in question, though we believe it may include current/former employee and contractor details in addition to data related to our games.”
This is slightly different from what the “Cyberpunk 2077” developer announced last February, which implies the ransomware attack was worse than once thought. At the time, the studio said it did not have proof that employees’ personal data was involved in the breach. But the company advised ex-employees to exercise caution in relation to the cyber attack.
When CD Projekt Red confirmed the ransomware attack, the studio also shared the message they received from the perpetrators. The attackers claimed to have acquired “full copies of the source codes” of “Cyberpunk 2077,” “Witcher 3” and its unreleased version, and the card game “Gwent.” The ransom note added, “We have also dumped all of your documents relating to accounting, administration, legal, HR, investor relations and more.” At the time, CD Projekt Red assured fans that players’ and customers’ personal data were not involved in the breach and that does not seem to change in the update posted on Thursday.
CD Projekt Red also previously stated it will not submit to the attackers’ demands, but the studio later said the breach affected the development of “Cyberpunk 2077” patch 1.2 that delayed its release from February to late March. Meanwhile, data stolen from the ransomware breach was reportedly sold through an online auction on the dark web. A minimum of $500,000 bis was required, but the auction was closed after hackers purportedly received a satisfying offer.
The increased ransomware attacks targeting large firms have prompted the White House to issue a statement earlier this month urging companies to step up in protecting their networks. Last May, the American oil pipeline system Colonial Pipeline based in Texas was hit by a ransomware attack forcing it to shut down its operations. Food processing giant JBS confirmed this week that it paid an $11 million ransom following a cyber breach that affected its operations in North America and Australia.