12 June 21, 07:21
Quote:Earlier this year, the company suffered a ransomware attack in which a cyberattack group (believed by some to be the HelloKitty gang) “gained access to our internal network, collected certain data belonging to CD PROJEKT Capital Group and left a ransom note,” the company said at the time.
The ransomware also encrypted the company’s systems, but CD Projekt Red was able to restore everything from backup – leaving the real issue to be the stolen data.
Ransomware gangs have doubled down on the increasingly common “double-extortion” threat, saying they will auction stolen data if victims don’t pay. Many also maintain “name and shame” blogs – used by operators to post leaked data from victims that refused to send over a ransom.
And indeed, in the CD Projekt Red ransom note (also tweeted out), the cybercriminals said that they had “dumped full copies” of the source code for Cyberpunk 2077, Gwent, the Witcher 3 and an “unreleased version” of the Witcher 3; and, stolen sensitive corporate information relating to accounting, administration, HR, investor relations, legal and more.
“Source codes will be sold or leaked online, and your documents will be sent to our contacts in gaming journalism,” according to the note, which went on to say that not paying up has an impact to the company’s public image, stock price and investor confidence. The attackers claimed that the information will expose how terribly the company is run.
Now, four months later, the crooks seem to be making good on their promise regarding the information. In an update posted late Thursday, CD Projekt Red said that its security staff “now have reason to believe that internal data illegally obtained during the attack is currently being circulated on the internet.”
It added that it’s in the process of clarifying just which data is being circulated, “though we believe it may include current/former employee and contractor details in addition to data related to our games. Furthermore, we cannot confirm whether or not the data involved may have been manipulated or tampered with following the breach.”
Read more: Cyberpunk 2077 Hacked Data Circulating Online | Threatpost