Table of Contents
The game developer of Cyber punk 2077 CD projekt alleges that the hacked data is being distributed online but still they haven’t figured the actual details of the information.
What is the behind story?
Earlier in this year, it faced a ransomware attack, which “gained access to our internal network, collected certain data belonging to CD PROJEKT Capital Group and left a ransom note,” by a threat group (which was considered to be the HelloKitty Gang), the company said.
The ransomware encrypted the system for the organization too, but CD Projekt Red managed to restore all the data from the backup — making stolen data leaked the actual problem.
The threat of “double extortion” has been increased by Ransomware groups, with a warning that if the victims do not pay, they will Auction stolen data. Many also maintain sites with “name and shame” title that operators use to publish leaked victims’ information who was not able to pay the ransom.
And the cybercriminals stated that they had “dumped full copies” of Cyberpunk 2077’s, Gwent’s, Witcher 3’s and Witcher’s “unreleased version;” and acquired the sensitive company information about bookkeeping, administration, HR, investor relations, law, and more.
“Source codes will be sold or leaked online, and your documents will be sent to our contacts in gaming journalism,” according to a note.
In a late Thursday statement, CD Projekt Red stated that its security staff “now have reason to believe that internal data illegally obtained during the attack is currently being circulated on the internet.”
The report further states, “though we believe it may include current/former employee and contractor details in addition to data related to our games. Furthermore, we cannot confirm whether or not the data involved may have been manipulated or tampered with following the breach.”
This incidence is not different after updated ransomware playbook ‘breach, extract, encrypt, offer,’ “Dirk Schrader, global security research Vice President at New Net Technologies (NNT), has remarked. However, he added, “It was some sort of luck on CD Projekt Red’s side that as far as we know no customer data was involved, because if so the story would have evolved in very different ways. ”
As per CD projekt
“Rgardless of the authenticity of the data being circulated — we will do everything in our power to protect the privacy of our employees, as well as all other involved parties. We are committed and prepared to take action against parties sharing the data in question.”