In early February 2021, CD Projekt Red announced that it had become victim of a ransomware, while ransomware operators claimed to have stolen company files and source codes for the company’s games Cyberpunk 2077, The Witcher 3 (including an unreleased version with ray tracing) and Gwent, as well as financial, legal, administrative and HR documentation.
CD Projekt Red immediately announced that it did not intend to negotiate with criminals and pay them a ransom, realizing that in the end, compromised data could still be disclosed.As information security experts, including Fabian Vosar of Emisoft ,later reported, according to the published extortionate note, the relatively new ransomware HelloKitty was behind this attack.
This malware has been active since November 2020 and targets large companies, for example, the Brazilian energy company CEMIG is among the known victims.
Soon, the attackers put the stolen data up for auction. The starting price of the “lot” with the game source codes and other stolen information was $1,000,000 in increments of $ 500,000, and the “blitz price” was $7,000,000.
As Bleeping Computer now reports, citing Kela analysts, the cybercriminals’ auction ended before it began. The hackers write that they received an offer “outside the forum”, which suited them, the data was sold on condition of further non-pspread, and as a result the auction was closed.
According to the theories circulating on the network, anyone could acquire the data, from competitors of CD Projekt Red, who want to analyse sources and documents in search of corporate secrets, to CD Projekt Red itself, which nevertheless made a deal with hackers to keep those secrets secret. and prevent leakage.
However, there is also an opinion that it makes no sense for a software developer to buy their own data because of copyright laws.
The reality is that we will unlikely ever know for sure if the data was sold, and if so, who bought it.