Hacked data stolen from CD Projekt is circulating online, the company says. The studio behind Cyberpunk 2077 and The Witcher 3 says it can not confirm the exact contents of the data being circulated, but believes it relates to its games, contractors, and both current and former employees. It also warned that the data may have been manipulated or tampered with.
The disclosure comes four months after the studio first announced that it had fallen victim to a ransomware attack. It initially said hackers had managed to access “certain data” from the company. CD Projekt posted the ransom note it received in which the hackers claimed to have access to source code from its games including Cyberpunk 2077, The Witcher 3, and Gwent. The note also said the hacked data included details relating to its HR, accounting, and other internal operations.
The company said it would not give in to the hackers’ demands, and days later the attackers claimed to have sold the data online. However the nature of the sale, in which the hackers claimed to have found a buyer outside of a hacking forum auction, raised questions about whether they were able to find a buyer at all. Writing in a blog post, Emsisoft threat analyst Brett Callow said he thought it was “likely” that the hackers were just claiming to have found a buyer to “save face” after having failed to monetize the hack.
CD Projekt has previously admitted that hackers were able to encrypt some of its employee data on its network. But the company said its investigation had found no evidence that the data had been transferred out of the company’s systems.
The hack followed the troubled launch of the studio’s latest blockbuster title, Cyberpunk 2077. Although it sold well and was initially well-received by critics, players quickly discovered that the game was riddled with bugs, and almost unplayable on older consoles. The situation was so bad that the game was pulled from the PlayStation Store. As of this writing, it is yet to return.
CD Projekt says it’s continuing to work with law enforcement and outside experts as it responds to the hack, and said it is “committed and prepared” to take action against anyone sharing the stolen data.