The attack was announced on official CD Projekt Red social media feeds earlier today. The company gave a brief rundown of what had happened, what the damage is and how they intend to respond. The hackers also left a little (laughably worded) ransom note, describing what they claim to have stolen and what they believe the results of their stunt will be on the company’s image, provided CDPR does not respond to negotiate.
Among the stolen documents is, allegedly, the full source code of Cyberpunk 2077, Gwent, and two versions of The Witcher 3: Wild Hunt one of which is a never before seen, unreleased version. The attackers also claim to have stolen legal, financial and HR documents from the company, which they believe would reveal harmful information about CDPR if leaked. It has been made clear that CD Projekt Red does not intend to contact or negotiate with the attackers at all. The company noted that encrypted devices have been restored using backups and the IT infrastructure has been secured. Additionally, authorities and forensics experts were also notified to help with the investigation. Hopefully those who committed this act will be swiftly found and brought to justice. Luckily, no personal user data was compromised during the attack, which could have made the fallout much more severe.
This cyber attack comes soon after a string of unfortunate events weighing down the developer. CD Projekt Red has faced harsh criticism for the state in which Cyberpunk 2077 launched, had a class action lawsuit filed against them by a disgruntled investor, introduced more game breaking bugs with a problematic patch, and had to warn users away from mods temporarily right after launching official modding tools, due to a vulnerability that would allow external code to be executed on PCs. Hopefully things will change for the better going forward, with multiple patches lined up with the intent of fixing the game, and the free DLC program which will follow them.