Cyberpunk 2077 Developer CD Projekt Red announced that he “became the victim of a cyber attack” that allegedly exposed the source code for many of his games.
Inside a message that the developer shared on Twitter On Tuesday morning, hackers claim they stole the well-kept source code for Cyberpunk 2077, Gwentand The Witcher 3 (including an unreleased prototype from the latter). Documents “related to accounting, management, legal, HR, investor relations and more” were also allegedly compromised.
While hackers apparently used ransomware software to block CDPR from certain parts of their systems, the company says it must be able to restore access to data through backups. The company also remained defiant in the face of a ransom request for an unspecified amount, saying it would not negotiate, despite the threat of disclosing the stolen data. “We will not give in to the demands or negotiate with the actor, aware that this may eventually lead to the disclosure of the compromised data”, wrote the company. The demand came within 48 hours.
CDPR states that “as far as we know, the compromised systems did not contain any personal data from our players or users of our services”. This differentiates this attack from a recent ransomware attack against Capcom, in which Capcom store customers, employees and members of the esports team were among the groups that could have their personal information revealed to hackers.
A game’s raw source code, which is used to create executable files distributed to players, is generally considered to be one of the developer’s most valuable trade secrets. In 2003, the leak of the source code of the then unprecedented Valve Half-life 2 led to the arrest of a German hacker. More recently, a large portion of the source code for Nintendo’s classic games was released online as part of the so-called “Gigaleak”.
A recent report by cybersecurity analytics firm Coveware found that total payments for ransomware attacks dropped slightly in the fourth quarter of 2020, after a steady increase in previous years, as more companies refused to pay. An increasing number of these attacks now include online data leak threats, Coveware found, and hackers often release this data even after the desired ransom has been paid.