Earlier today, Cyberpunk 2077 and The Witcher 3 developer CD Projekt Red revealed that it had become the target of a ransomware attack. The studio posted the news online, publicly sharing a ransom note said to be left by a hacker which claimed that the source code for some of its top games had been stolen, alongside a warning that they'd leak unreleased content if they and CD Projekt couldn't come to "an agreement."
CD Projekt has said that it "will not give in to the demands" and has already approached relevant authorities. It has also reassured fans that personal data of players doesn't seem to have been compromised.
Now, in a statement shared with Nintendo Life, ProPrivacy Digital Privacy Expert Ray Walsh says that CD Projekt "runs a real risk that those games will be leaked online."
"It will be interesting to see how CD Projekt Red deals with this ransom attack moving forward, and whether it goes back on its initial statement and eventually does decide to pay the hackers to protect the code for Cyberpunk and a forthcoming version of The Witcher 3.
"If game code was stolen, they run a real risk that those games will be leaked online – whether they pay or not. If the game code is released online, this would permit cracked versions of their games to proliferate online for free, as a result of which the studio could find themselves haemorrhaging profit."
Speculation surrounding the server hack has already started to circulate online, and while it is just that – speculation – Walsh goes on to suggest that the possibility of the attack being an inside job is "plausible".
"The possibility of an inside job is of course plausible. The bad press caused by the early release of Cyberpunk 2077 in a buggy state, as well as reports that CD Projekt Red blamed its developers for the issues, could well have left a bad taste in somebody's mouth.
"We will now have to wait and see exactly what forensic analysis reveals about this hack so that CD Projekt Red can ascertain exactly what data was affected and what exactly might potentially be at risk.
"The good news is that initial reports appear to show that no consumer-related data was lifted. However, consumers will need to watch this incident closely to be sure that no personal data was affected that could be leveraged for phishing or ID fraud, for example."
CD Projekt's official statement can be read here.
Comments 36
Wow, now that would be wild if it was an inside job. And seeing how CDPR treats its employees... wouldn’t be all that surprising.
Wow, a LOT of big breaches with these companies lately. Although it's somewhat appropriate for it to happen to the Cyberpunk 2077 developer. The Dark Future is already here.
Dang Witcher 3 doesn't deserve this, Cyberpunk is a different story but witcher...
CDPR games are DRM-free though. People have already been pirating their games.
Is this guy working with the hackers or something? What unhelpful advice.
CDPR got attacked by an actual net runner
In Superman 3, it was an inside job, Richard Pryor skimming a fraction of a one cent from transactions. If that's inaccurate, please nerd-splain below ; )
I don't really see how this could influence their sales. For PC, I'm sure there are already cracked Versions of Witcher 3 and Cyberpunk.
For the unreleased Witcher 3, which might be the PS5 Version, the code could be unfinished so the game is unpolished. On top of that, I can't recall the PS5 already is already hacked and can run copies. So, yeah...
If it was an inside job, they might be able to find the guy anyway...
@mazzel I can confirm Witcher 3 and Cyberpunk are cracked BUT the source code is another thing.
Some studios could give huge amount of money to se HOW the games are done (not play them) as it will give them the intel on how to make things quickly. That is why patents exist for other things not related to coding.
Some people call it reverse engineering but many games are protected from that too so the code is safe. There are some old games that are NOT reverse engineered to this day.
Think of it as stealing the original formula of Coca Cola or something like that and selling it to the competition. Or the new fuel system of a car in Formula 1.
I remember when, back before Cyberpunk was released, many people online touted CDPR as a very good company for reasons I could never comprehend... As if they were the best developers on the face of the Earth.
How the tides have turned.
Still curious to see how this story develops. I'm a bit skeptical to accept the inside job theory as truth but we shall see.
you love to see it
They shared a statement with...Nintendolife?! And not like...Push Square, or some other news site that isn't Nintendo-based?!! XD
Actually, nah, I'm all for this. Let this whole hilarious situation get even more hilarious. That's the theme of Cyberpunk's launch in general, right?
@Zuljaras Sure, that's true. But it will not influence the sales of these games. On top.of that, if another company steals code and it is obvious, e.g. CDPR can proof it, it's also not the best publicity for the stealing party.
But yeah, I get that this is not nice for CDPR, but somehow I have the feeling the tiger has not so many teeth as it think it has.
I mean, who wants Cyberpunk's Source code in the current state? 😂
@mazzel Yep nobody would want that mess! They could prove that it is stolen just by the bugs. This is also why nobody steals the original code of Bethesda games
Still I think it is not about copy and paste but about how they did it.
My first inclination is that this was the company's attempt to shift attention away from their Cyberpunk fiasco. Calling this an "inside job" simply makes me more suspicious. I'm thinking now that they are attempting to preemptively explain to any investigators why there is no evidence of an external security breach.
@mazzel "I mean, who wants Cyberpunk's Source code in the current state?"
Modders and fans of the game who would love a crack at the source code so they could create community patches.
The more source code leaks, the better!
Inside job hackware is never a good thing. But bad is cyberpunk 2077 wasn't their development but translation so that makes this even worse. I hope they find the inside job and get them - even if they have issue doing something like this is never a good public image nor helps other developers whom are looking for them to assist with translations.
@IpwnedU123 Then ask yourself why not leak your bank account and let anyone withdraw much as they want. Your comments border on delusion.
@TestudoVilis That seems to happen every time a developer is praised as being the best ever. At one point in time everyone was celebrating Blizzard and Bioware as the best developers ever who only produced hits that could do no wrong, and now look at them.
Huh...CDPR's cyber security seems to be as buggy as Cyberpunk 😋. Honestly wouldn't be surprised to discover that an employee (s) helped with this
It's also possible CDPR made the whole thing up. They've done it before, back in 2016, when they claimed someone had broken into their servers and stolen some early art work for Cyberpunk 2077 and was holding it ransom which they were refusing to pay.
Praise turned to suspicion when the art work was never leaked anywhere and many began to question if CDPR hadn't lied about the whole thing because they were starting over from scratch on CP 2077's development in late 2016 and wanted to use the stolen art work as an excuse. Instead, they simply never mentioned it again. Until they chose to revive the fairy tale in this new incarnation. Great excuse for delaying that road map of patches for their broken game, wouldn't you say?
@JayJ Haha yea, the extent to which all of us can be blinded by emotions or good faith can be astouding at times. At the end of the day, all three you mentioned are what they are, corporations.
@Slowdive As a patient person, I agree completely. The best course of action for living up to the standards they set for themselves would have been to recognize their own limits, and delay accordingly. While I admittedly haven't played the game (only watched plenty of footage) I can see the backbones of what could potentially be a great title, it just hasn't quite gotten enough polish. It still looks enjoyable, both when it works and when it doesn't, though I doubt this matches their original vision.
I do wonder why they chose not to delay; could be because the investors or some other party behind the scenes forced their hand, could be because they got greedy and wanted to make some quick bucks gambling that it'd work out in their favor long-term, could be because they dreaded to face more criticism from players and media who do not have enough patience to put up with even further delays and broken promises, perhaps all the above combined determined the final outcome? In retrospect it's easy to say that a company should have delayed their games, but what seems like an unanimous opinion on the internet, is almost never truly so because the opposition tends to remain quiet. I'm not defending CDPR at all, just wonder how nuanced this matter has been for the executives. For the developers it was unfortunately a forced choice between crunch and disappointment in the finished product, or hard work ahead for an indeterminate amount of time (and who's to say the other outcome would have never reoccured?).
@FroZtedFlakerZz No one "deserves" this. The hackers aren't heroes; they're opportunistic script kiddies holding private information involving not just businesses, but actual people, hostage for money. As I've said before when other companies like Capcom and Nintendo got hit, just because it's happening to a company you don't like, doesn't make it any less criminal or damaging.
@Narrator1 First of all it was a joke "proceeds to facepalm"
Second of all, last I checked Cyberpunk is not a person
and I do feel bad for the entire company it's terrible and it'd really stink, but they also don't treat their workers that well so if it was an inside job...
This companies downfall has literally been unprecedented in any industry. It's literally one thing after another now. A none stop spiral into certain obscurity.
@SwitchForce Source code of popular games has absolutely nothing to do with bank accounts. Your comment does not border on delusion. It IS delusion!
Random person makes random speculation. HEADLINE!
Please stop pretending that guesses are news.
The idea of an inside job seems almost preposterous. From what has been made public it's obviously a skilled and experienced ransom attack. It's doubtful anybody inside had any spare time to also moonlight as a seasoned organized cyber crime operative, despite whatever undercover character building experience they may have had for CP2077 research.
@Ralizah It's almost as though ignoring borders and controls and putting all information of all things personal and business all in to the same giant vault called the internet and allowing foot traffic of everyone everywhere in the world to have access to it all at once so that someone in a sewer in Mumbai can be actively working on picking the vault lock on 12th & Broadway entirely invisibly wasn't actually a good idea and simply enabled more thieves to crack more saves more quickly and all at once. I, for one, would never have guessed that to be the result.
The commercial internet is a disaster that never should have existed and any rational civilization would shut it down and dismantle it. It was designed for open, free exchange of communication. The very opposite of the "secured" environment the commercial internet tries to create - securing it fights the actual design of it. The commercial or "web 2.0" internet never made sense even from the time they started hyping it.
@WoomyNNYes wasn't that Office Space, lol?
@NEStalgia an employee could have just had access to install the ransomware for whoever the main culprit is. That's not that far fetched, IMHO.
@Razer when the "powers that be" want to take you down, it's almost impossible to avoid it. Ask Donald Trump, the most powerful man in the world at one time (regardless of what ppl think of his politics). They have stopped at nothing to misquote, lie, obstruct, cheat, steal, and every bad thing possible has been done against him to destroy him. They don't want to allow him to exist, lol. It doesn't surprise me that this can be done to anyone else.
@twztid13 haha. I think you might be right, that it was in Office Space. But it's true that it was part of the plot in Superman III. ...WoomyNNYes searches internet... Here's where they concoct the zaney scheme https://youtu.be/N7JBXGkBoFc?t=43
@WoomyNNYes wow, i don't remember seeing that before. I was probably so young i just didn't pay attention to that part when i saw it, lol.
@twztid13 $20 says it was the management clicking on the phishing scam and not admitting it.
@NEStalgia if they don't admit it, we'll never know, tho, lol. Even if the forensics show that, they'd find a way to keep that out of the news, i imagine.
Show Comments
Leave A Comment
Hold on there, you need to login to post a comment...