



CD Projekt Red, the maker of The Witcher series, Cyberpunk 2077, and other popular games, may have proprietary data collected from a ransomware attack released four months ago available online. I said yes on Friday.

Today, we learned new information about the breach and had good reason to believe that internal data illegally obtained during the attack is now circulating on the Internet, a company official said in a statement. We are not yet able to confirm the exact content of the data in question, but we believe it may contain details of current / original employees and contractors in addition to the data related to the game.

The update provides a sort of overview as it warns that current and original employee and contractor information is believed to be part of the compromised data. When Poland-based game maker The revealed the attack in February, he said he did not believe the stolen data contained personal information about employees or customers.

A week later, the company claimed that it was unlikely that employee personal data would be disclosed. In addition, investigations have found no evidence that personal data was actually transferred outside the company’s network, and the attacker’s sequence of actions may not be able to reliably determine whether it was actually copied. It is stated that. personal data.

It’s not clear why it took CD Projekt Red four months to determine that employee data could have been affected. Perhaps forensic research has ever made that decision. I tried to ask a representative of CD Projekt Red for comment, but it wasn’t immediately successful.

Kitty and Auction Shortly after the initial disclosure of CD Projekt Reds, researchers show that the source code for games such as Cyberpunk 2077, Gwent, and The Witcher 3 was auctioned at a starting price of $ 1 million. He said he found the data.

Another team of researchers reported that the auction ended after a buyer outside the auction forum offered a price acceptable to the seller. The price was never announced. However, there is no evidence that the sale actually took place, and some researchers speculate that if the buyer did not appear, the seller would lie to hide his face.

According to researchers, the CD Projekt Red breach was carried out by HelloKitty, a lesser-known ransomware group that some researchers call DeathRansom.

From the beginning, game makers have categorically refused to even pay or even negotiate with ransomware operators. If, like Projekt Red, the victim can use backups to quickly rebuild the network, it’s much easier, but the attitude is commendable. Even so, there is a price to pay because the game maker is looking directly at it.

