CD Projekt Red has been hit by a cyberattack, which resulted in source codes for games like Cyberpunk 2077 and an “unreleased version” of The Witcher 3 being accessed.
In a statement posted on Twitter on January 9, the company wrote, “Yesterday we discovered that we have become a victim of a targeted cyber attack, due to which some of our internal systems have been compromised.
“An unidentified actor gained unauthorized access to our internal network, collected certain data belonging to CD PROJEKT capital group, and left a ransom note the content of which we release to the public. Although some devices in our network have been encrypted, our backups remain intact. We have already secured our IT infrastructure and begun restoring the data.”
The statement added that the company had already approached the relevant authorities about the case, and that the systems affected by the hacker did not contain players’ personal data.
CD Projekt Red also shared the note left by the hacker, which claimed to have dumped the source codes for not just Cyberpunk 2077 and The Witcher 3 but also Gwent and the aforementioned “unreleased version” of The Witcher 3. Documents related to areas like accounting, HR, and investor relations were also accessed.
The hacker has threatened to leak or sell the source codes online and to send the documents to “our contacts in gaming journalism” to hurt CD Projekt Red’s image if they did not reach an agreement with the company in 48 hours. CD Projekt Red said in its statement that it will not give in to the demands and is taking steps to “mitigate the consequences of such a release”.
This cyberattack comes just a few months after Resident Evil developer CAPCOM was hit by a ransomware attack in November 2020, which resulted in personal information for staff, customers, and business partners being compromised.