Cyberpunk 2077 developer CD Projekt Red has been having a rough time since the launch of the highly-anticipated yet much-maligned game late last year. The game studio has borne the brunt of critical backlash, class-action lawsuits, and now are the victim of a major hack.
On Tuesday, February 9th, a hacking collective infiltrated CD Projekt Red’s network and stole not only the source code for Cyberpunk 2077 but also the source code for the critically acclaimed The Witcher 3. Reports vary, but it is believed the source code of at least one of The Witcher spinoffs was taken as well. In the theft, the hackers also got access to company data which included CD Projekt Red’s internal legal, financial and HR documents.
CD Projekt Red said that the hack did not compromise players’ privacy as the stolen data “did not contain any personal data of our players or users of our services.”
The hack was a part of a ransom effort by the hacking collective, giving CD Projekt Red 48 hours to pay an undisclosed sum of money or the source code would be auctioned on the dark web and internal documents would be distributed to journalists.
After the hack, CD Projekt Red said in a statement that they “will not give in to the demands nor negotiate with the actor, being aware that this may eventually lead to the release of the compromised data.” In the same statement, the developer explained how they were preemptively working to “mitigate the consequences of such a release” and how they have “approached the relevant authorities, including law enforcement and the President of the Personal Data Protection Office, as well as IT forensics specialists.” The full statement and the ransom note can be viewed in CD Projekt Red’s tweet which is embedded below:
After the 48 hours expired, it was reported that hackers sold the data in a dark web transaction that was separate from the initial auction they were selling it through. The auction started at $1M and bids were placed in $500K increments, leading one to believe that the unknown value of the sale was extraordinarily high.
While at this point, the perpetrators of the hack are unknown, there are various IT forensics and security experts who are pointing the finger at a hacking collective that has sparingly used a ransomware called HelloKitty.
Talking to Wired, Emsisoft threat analyst Brett Callow shared his theory, “This attack looks to involve a type of ransomware called HelloKitty, as the style and naming convention of the note are consistent. The group behind HelloKitty do not deploy it frequently and the most notable victim to date is Brazilian power company, CEMIG.” He made sure to qualify that this was speculation as it would be hard to truly identify the culprit without looking at the ransomware’s code. Computer Weekly further examined this theory in a piece, saying HelloKitty “is likely responsible” for the attack.
At this point, it is hard not to speculate if CD Projekt Red will be able to recover from everything that has happened surrounding the Cyberpunk 2077 release. Even the hackers are aware of this, using the scrutiny the company has faced in their ransom note, threatening that, “Your public image will go down the sh***er even more.”