In early February 2021, CD Projekt Red announced that it had been the victim of a HelloKitty ransomware attack, and now the stolen data is spreading across the network.
The ransomware claimed to have stolen the source code for the company’s games Cyberpunk 2077, The Witcher 3 (including an unreleased version with ray tracing) and Gwent, as well as financial, legal, administrative and HR documentation.CD Projekt Red immediately announced that it did not intend to negotiate with the criminals and pay them a ransom, realizing that in the end, compromised data could still be disclosed.
Soon, the attackers put the stolen data up for auction. The starting price of the “lot” with the source codes of the games and other stolen information was $1,000,000 in increments of $500,000, and the “blitz price” was $7,000,000.
However, the cybercriminals’ auction ended before it even began. The hackers reported that they received an offer “outside the forum”, which suited them, the data was sold on condition of further non-proliferation, and as a result the auction was closed.
As the representatives of CD Projekt Red now write, contrary to the statements of the hackers, the stolen data is now spreading on the network and may contain information about the employees and contractors of the company.
Since the breach, the company has taken many measures to protect and strengthen internal systems to protect against similar breaches in the future, the company said. They also declare that regardless of the authenticity of the disseminated data, CD Projekt Red will do everything to protect the privacy of its employees, as well as all other parties involved.
Bleeping Computer notes that recently the hack group PayLoad Bin (formerly known as Babuk Locker) published the full source code of the games CD Projekt Red, size 364 GB. How this information could get into the hands of PayLoad Bin is unknown.