The maker of the popular video game Cyberpunk 2077, CD Projekt Red, is one of the latest victims to succumb to a ransomware attack. According to Wired, the company joins the likes of Capcom, Crytek, and Ubisoft as its systems became affected in the cybersecurity incident.
Cyberpunk 2077 was only released in December of 2020. However, The Guardian states that its release was met with various reviews from the public, with some saying technical flaws and bugs beset the game’s release.
CD Projekt Red took to social networking platform Twitter to share the ransom note posted by the hackers to the company. The note from the threat actors revealed that they have obtained the code for Cyberpunk 2077 and two other games, namely Gwent and Witcher 3. In addition, the hackers also said they have the code for the unreleased version of The Witcher 3.
Besides the source code from the aforementioned games, the hackers also reportedly obtained company documents that may contain personal information of employees. Documents that were “dumped” by the said hackers include those that related to accounting, administration, human resources, investor relations, and legal.
Despite this, the CD Projekt maintains that they will not give in to the demands of the said threat actors, especially as they are aware that “this may eventually lead to the release of the compromised data.”
Though the game developers still remain in the dark about who the attackers are, Wired states that the ransomware points to a group called HelloKitty. However, a threat analyst from Emsisoft Brett Callow says that this is “impossible” to determine without taking a look at the particular malware.
Furthermore, in a statement to assure its users and the public, the firm said, “Although some devices in our network have been encrypted, our backups remain intact. We have already secured our IT infrastructure and begun restoring data,” reports The Guardian.
CD Projekt also maintains that the personal data of users and gamers alike remain safe as it had not been obtained or leaked by the threat actors.
Apart from notifying parties that may have been affected by the incident, the company is also taking other steps to address the security incident. Reuters states the chief executive officer of the gaming company, Adam Kicinski, said the firm is investigating the ransomware attack, securing its systems, and restoring data.
In addition, CD Projekt has also enlisted the help of relevant authorities and IT forensic specialists and has since reported the incident.