The developer of headline-grabbing video game Cyberpunk 2077 has announced it was the victim of a ransomware-style attack.
An unidentified actor gained access to the internal network of CD Projekt Red and stole data, the gaming company confirmed on Twitter this morning.
The attackers left a ransom note threatening to release proprietary video game source code and other datasets to the public.
CD Projekt Red said it has already begun restoring data and has secured its IT infrastructure. It added that its backups remain intact.
“We will not give in to the demands nor negotiate with the actor,” a statement posted on Twitter reads.
It adds: “We are taking necessary steps to mitigate the consequences of such a release, in particular by approaching any parties that may be affected due to the breach.”
CD Projekt Red said that initial investigations revealed that no personal data belonging to players or customers was compromised in the attack.
‘Epically pwned’
In the ransom note, the attackers claimed they had pilfered the full source code for popular video games including Cyberpunk 2077, Witcher 3, and Gwent.
They also said they had documents relating to accounting, administration, legal, HR, investor relations, and more.
“Your (sic) have been EPICALLY pwned!!” the note reads.
The attackers also threatened to sell the source code and send the data “to their contacts in gaming journalism”.
Calvin Gan, senior manager at F-Secure’s Tactical Defense Unit, said: “While it remains to be seen how their internal systems were breached, the lesson from this breach is a good reminder to all organizations out there.
“It is always better to assume and operate in the mindset of ‘when you will be targeted’ rather than ‘if you will be targeted’. Organizations should work towards reducing the attack surface continuously, not just as a one-time effort.”
Gan added: “Organizations must have a response plan in place ready to take effect when needed, but at the same time, constantly being rehearsed so that employees are aware of their next course of action.”
RCE risk
Last week, the developers warned against a security vulnerability in Cyberpunk 2077 that could result in remote code execution (RCE).
A security release states that a hotfix is available for issues that could lead to RCE, which was caused by the downloading of certain modification files.
The developers also warned against using any mod tools downloaded from unknown sources.
Source: https://portswigger.net/daily-swig/cyberpunk-developers-held-to-ransom-after-cyber-attack-source-code-theft