Cyberpunk 2077 developer CD Project Red announced that it has “fallen victim to a targeted cyber attack” which allegedly revealed the source code for many of its games.
In a message the developer shared on Twitter Tuesday morning, the hackers claim that they stole the carefully guarded source code for Cyberpunk 2077, Gwent, and The Witcher 3 (including an unreleased prototype of the latter). Documents “related to accounting, administration, legal, HR, investor relations and more”
While the hackers apparently used loose software to lock CDPR out of certain parts of the systems, the company says they should be able to restore access to the data through backups. The company also remained defiant in the face of a ransom claim for an unspecified amount and said it would not negotiate, despite a threat to release stolen data. “We will not give in to the demands or negotiate with the actor, and are aware that this may eventually lead to the release of compromised data,” the company wrote. The claim came with a 48-hour deadline.
CDPR states that “as far as we know, compromised systems did not contain any personal data about our players or the users of our services.” This distinguishes this attack from a recent ransomware attack on Capcom, in which Capcom store customers, employees and esports team members were among the groups that may have had personal information revealed to hackers.
The raw source code for a game, which is used to create the executable files that are distributed to players, is generally considered to be among the developer’s most valuable trade secrets. Back in 2003, leak of source code for Valves then not released Half life 2 led to the arrest of a German hacker. More recently, a large amount of source code for classic Nintendo games was released online as part of a so-called “Gigaleak”.
A recent report from cybersecurity research firm Coveware found that total ransomware attack payments fell slightly in the fourth quarter of 2020, after increasing steadily for many years earlier, as several companies refused to pay. An increasing number of these attacks now include threats to leak data online, Coveware found, and hackers often release this data even after the desired ransom has been paid.