Cyberpunk 2077 developer CD Project Red announced that it had ‘become the victim of a targeted cyberattack’ that allegedly exposed the source code for many of its games.
In a message the developer shared on Twitter On Tuesday morning, the hackers claimed that they had stolen the well-guarded source code Cyberpunk 2077, Gwent, en The Witcher 3 (including a prototype of the latter that has not yet been released). It is alleged that documents “concerning accounting, administration, legal administration, HR, investor relations and more” were also compromised.
While the hackers apparently used ransomware software to block CDPR from certain parts of its systems, the company says it could restore access to the data through backup. The company also remained defiant in the face of a ransom claim of an unspecified amount, saying it would not negotiate despite the threat to disclose the stolen data. “We will not concede to the claims nor negotiate with the actor because we are aware that this could eventually lead to the disclosure of the compromised data,” the company wrote. The claim comes with a deadline of 48 hours.
CDPR states that “to the best of our knowledge, the compromised systems do not contain any personal data of our players or users of our services.” This distinguishes this attack from a recent ransomware attack on Capcom, in which Capcom store customers, employees and team members were among the groups that may have disclosed their personal information to hackers.
The raw source code for a game, which is used to create the executable files distributed to players, is usually considered one of the most valuable trade secrets of a developer. Back in 2003, the leak of source code for Valve’s then unreleased Half-life 2 led to the arrest of a German hacker. More recently, a large amount of source code for classic Nintendo games has been released online as part of a so-called “Gigaleak”.
A recent report by cybersecurity analytics firm Coveware found that total ransomware attack payments fell slightly in the fourth quarter of 2020, after rising steadily years ago as more companies refused to pay. An increasing number of attacks now contain threats to leak data online, Coveware has found, and hackers often release the data even after the desired ransom has been paid.