Midway through this evening’s Summer Game Fest, CD Projekt released a statement discussing the circulation of stolen data from a ransomware attack – and the company is concerned it may contain employee and contractor data.
Earlier this year CD Projekt announced it had been hit by a ransomware attack, and last week we began to hear reports this stolen data was being actively shared online. Several developer-made bug montages emerged from this, but source code for several CD Projekt games (including The Witcher 3 and Cyberpunk 2077) is also reported to have been shared, and CD Projekt is concerned employee and contractor data is caught up in this.
“… We have learned new information regarding the breach, and now have reason to believe that internal data illegally obtained during the attack is currently being circulated on the internet,” the statement says. “We are not able to confirm the exact contents of the data in question, though we believe it may include current/former employee and contractor details in addition to data related to our games. Furthermore, we cannot confirm whether or not the data involved may have been manipulated or tampered with following the breach.”