Tweet
CD Projekt Red has tweeted out news that they were the victims of a ransomware attack on their work machines. They state that no customer information nor employee information were compromised. They also say that they are restoring their data from backups that have been made.
In addition to revealing this information, they also shared a copy of the ransom note. This note says that the attackers have "full copies" of the source code for games like Cyberpunk 2077, The Witcher 3, and GWENT: The Witcher Card Game. They also claim to have "the unreleased version of The Witcher 3." This is presumed to be the old "pre-downgrade" versions of The Witcher 3.
CD Projekt Red says that they will not be giving in to any of the ransom demands. They also note that they are cooperating with the authorities on this.
Their tweet about this, including the ransom note can be found below. I have also transcription of their announcement below the tweet.
Yesterday we discovered that we have become a victim of a targeted cyber attack, due to which some of our internal systems have been compromised.
And unidentified actor gained unauthorized access to our internal network, collected certain data belonging to CD PROJEKT capital group, and left a ransom note the content of which we release to the public. Although some devices in our network have been encrypted, our backups remain intact. We have already secured our IT infrastructure and begun restoring the data.
We will not give in to the demands nor negotiate with the actor, being aware that this may eventually lead to the release of the compromised data. We're taking necessary steps to mitigate the consequences of such a release, in particular by approaching any parties that may be affected due to the breach.
We're still investigating the incident, however at this time we can confirm that ̶ to our best knowledge ̶ the compromised systems did not contain any personal data of our players or users of our services.
We have already approached the relevant authorities, including law enforcement and the President of the Personal Data Protection Office, as well as IT forensic specialists, and we will closely cooperate with them in order to fully investigate this incident.
And unidentified actor gained unauthorized access to our internal network, collected certain data belonging to CD PROJEKT capital group, and left a ransom note the content of which we release to the public. Although some devices in our network have been encrypted, our backups remain intact. We have already secured our IT infrastructure and begun restoring the data.
We will not give in to the demands nor negotiate with the actor, being aware that this may eventually lead to the release of the compromised data. We're taking necessary steps to mitigate the consequences of such a release, in particular by approaching any parties that may be affected due to the breach.
We're still investigating the incident, however at this time we can confirm that ̶ to our best knowledge ̶ the compromised systems did not contain any personal data of our players or users of our services.
We have already approached the relevant authorities, including law enforcement and the President of the Personal Data Protection Office, as well as IT forensic specialists, and we will closely cooperate with them in order to fully investigate this incident.
