'Cyberpunk 2077' Developer CD Projekt Red Is Being Held at Ransom by Hackers

The company announced it has fallen victim to a ransomware attack, with an "unidentified actor" now threatening a data leak

BY Brock ThiessenPublished Feb 9, 2021

CD Projekt Red — the Polish game developer behind Cyberpunk 2077 and The Witcher series — has been hacked, with the attacker now threatening to leak sensitive data unless demands are met.

The developer went public about the ransomware attack this morning, saying the company was targeted by an "unidentified actor" who gained access to some its internal systems. However, CD Projekt Red stated it does not believe players' personal data has been compromised, while adding that CD Projekt Red has not given in to the demands or negotiated with the attacker.

"We are still investigating the incident, however at this time, we can confirm that — to our best knowledge — the compromised systems did not contain any personal data of our players or users of our services," reads the announcement from CD Projekt Red.

"We will not give in to the demands nor negotiate with the actor, being aware that this may eventually lead to the release of the compromised data."
Alongside CD Projekt Red's own announcement, the developer shared the ransom note left by the attacker, who claims to have accessed source code for Cyberpunk 2077, Witcher 3, Gwent and an "unreleased version of Witcher 3."

The attacker is now threatening to release this source code, as well as internal legal, HR and financial documents "if we will not come to an agreement." CD Projekt Red has been an ultimatum of 48 hours.

At this point, CD Projekt Red has been in touch with law enforcement authorities and the Personal Data Protection Office.

Of course, the attack comes after CD Projekt Red made headlines around the world over the truly disastrous launch of its latest game Cyberpunk 2077, which led to refunds, lawsuits, removals from sale and more.

UPDATE (2/9, 2 p.m. ET): As some readers have pointed it, many suspect that the attack does not come at the hands of disgruntled gamers. As Fabian Wosar of cybersecurity company Emsisoft tweeted, the attack may stem from a known ransomware group known as HelloKitty.

Latest Coverage