Skip to main content

Long read: The beauty and drama of video games and their clouds

"It's a little bit hard to work out without knowing the altitude of that dragon..."

If you click on a link and make a purchase we may receive a small commission. Read our editorial policy.

CD Projekt hit by "targeted cyber attack"

With source codes and documents held to ransom.

CD Projekt has released a statement explaining it's been the victim of a "targeted cyber attack," with some of its internal systems compromised.

On Twitter the company explained an unidentified actor had breached its systems and collected data belonging to CD Projekt, and was now threatening to release the contents. CD Projekt said some of its devices had been encrypted by the attack, but that company backups remain intact and it is in the process of restoring its data.

Watch on YouTube

Unusually, CD Projekt also released a copy of the ransom note sent by the unidentified actor. They claim to have gained access to "the source codes from [CD Projekt's] Perforce server for Cyberpunk 2077, Witcher 3, Gwent and the unreleased version of Witcher 3". They also claim to have gained access to "all of [CD Projekt's] documents relating to accounting, administration, legal, HR, investor relations and more," although the exact nature of these isn't detailed. The note demands CD Projekt contact the sender, or face the public release of the source codes and documents.

CD Projekt has said it will "not give in to the demands nor negotiate with the actor, being aware that this may eventually lead to the release of the compromised data". It is now in the process of contacting parties who may have been affected by the breach, although it believes personal data belonging to players and users has not been compromised. It is currently working with law enforcement, IT specialists and the President of the Personal Data Protection Office to investigate the breach.