CDPR revealed the attack and ransom note on Twitter a few hours ago. The hackers claim to have stolen source code for Cyberpunk 2077, The Witcher 3, Gwent, and an unreleased version of The Witcher 3. They also managed to encrypt some devices in the company’s internal network, though the backups are intact and CDPR has started restoring data.
The ransom note boasts, “Your have been EPICALLY pwned!!” It warns that should the stolen information be leaked, “your public image will go down the shitter even more and people will see how your shitty company functions. Investors will lose trust in your company and the stock will dive even lower!”
The hackers don’t reveal their terms but did give CDPR 48 hours to contact them. The Polish firm has assured players and service users that none of their personal details were stored on the compromised systems.
CD Projekt Red writes that it has no intentions of giving in to the hackers’ demands or negotiating with them, and is taking steps to mitigate any damage caused by a data leak. It has contacted law enforcement and IT forensic specialists to investigate the incident.
A recent report showed ransomware attacks in which criminals threaten to release sensitive information if their demands aren’t met increased 20 percent in the fourth quarter. As the data is often leaked even if the victims agree to terms, many companies refuse to pay and deal with the consequences, as seems to be the case here.