December 29, 2024

CDPR Hacked, ‘Cyberpunk 2077’ Source Code Held For Ransom

CDPR #CDPR

Cyberpunk 2077

CDPR

CDPR’s bad past year continues to get worse. Early this morning, the company announced it had been the victim of an extensive hack, one that has come with a ransom demand they will not meet, and instead they have turned over all relevant information to the authorities, and are taking steps to mitigate the damage.

While they say that they believe no customer information was leaked, the potential extent of the damage is large, particularly if the hackers release the information they claim to have, which is all summed up in the following ransom note that I thought, at least for a moment, was a parody, but it’s not. The note, publicly posted by CDPR, reads:

“Hello CD Projekt,

Your [sic] have been EPICALLY pwned!!

We have dumped FULL copies of the source codes from your Perforce server for Cyberpunk 2077, Witcher 3, Gwent and the unreleased version of Witcher 3!!!

We have also dumped all of your documents relating to accounting, administration, legal, HR, investor relations and more!

Also, we have encrypted all of your servers, but we understand that you can most likely recover from backups.

If we will not come to an agreement, then your source code will be sold or leaked online and your documents will be sent to our contacts in gaming journalism. Your public image will go down the shitter even more and people will see how your shitty company functions. Investors will lose trust in your company and the stock will dive even lower!

You have 48 hours to contact us.”

CDPR has emphatically said that they will not meet any demands, even if that means the release of this info, from confidential documents to the source code of their games.

Cyberpunk 2077

CDPR

The tone of this note clearly paints this action as retaliatory for the botched release of Cyberpunk 2077, which has stirred a fair amount of anger among fans, as before this, CDPR was a beloved developer who could practically do no wrong after the release of The Witcher 3. Even now, I’m reading responses that range from “well, they had it coming” to “couldn’t have happened to a nicer studio.” Some even accuse CDPR of faking the situation to garner sympathy after the Cyberpunk launch debacle.

Sorry, but I just cannot get on board with any of that. While CDPR has had a “trust” problem as of late, I think there’s a difference between hiding the performance of a game on last-gen consoles and…inventing an elaborate hack out of thin air to gain sympathy. Nor do I think the company “deserves” this, as this could potentially release sensitive information about individual employees, not to mention the time spent dealing with the fallout of this hack means even more delays for the actual fixes and new content Cyberpunk needs. The full scope of the damage from this could be massive when all is said and done, and no one benefits from it. It’s a terrible situation all around.

We’ll see what happens next here. So far as we know, the information the hackers claim to have has not been released, and their 48 hour demand window would expire some time on Thursday (though we don’t know when this note was sent precisely). I do not know what “gaming journalist” contacts the hackers claim to have to sent the stolen information to, but it ain’t me.

Hopefully these hackers can be caught before the release of the damaging information. If not, CDPR’s situation is about to get a whole lot worse.

Follow me on Twitter, YouTube, Facebook and Instagram. Pick up my sci-fi novels the Herokiller series, and The Earthborn Trilogy, which is also on audiobook.

Leave a Reply