CD PROJEKT RED, the development studio responsible for critically acclaimed video games such as The Witcher trilogy, Saints Row and Cyberpunk 2077, recently disclosed it had been hit by a ransomware attack that affected its private network.

Official statement made on the ransomware attack

The famous gaming studio based in Warsaw, Poland stated in an official advisory that malicious attackers had infiltrated the studio’s internal network and had been able to gather capital group data belonging to CD PROJEKT before they encrypted vital systems and left behind their digital ransom request.

CD PROJEKT RED commented:

“We have already approached the relevant authorities, including law enforcement and the President of the Personal Data Protection Office, as well as IT forensic specialists, and we will closely cooperate with them in order to fully investigate this incident.”

This is not the first time that the gaming studio has been attacked by malicious actors using ransomware tactics. An attack using a remarkably similar method was also employed against its network back in 2017.

In the dedicated ransom request left behind on the game development studio’s encrypted systems, the attackers made claims that they had also able to access and steal the complete source code used to develop several video games, including The Witcher 3, Cyberpunk 2077 and Gwent, along with an as yet unreleased version of The Witcher 3.

The attackers also alleged they had exfiltrated a wide range of different confidential data, including files that concerned accounting, HR, legal and administration data, along with data on investor relations, before they encrypted CD PROJEKT RED’s systems.

However, none of the systems accessed during the attack contained personal data belonging to customers, according to findings available from the continuing investigation into the incident.

CD PROJEKT RED also commented:

“We are still investigating the incident, however at this time we can confirm that —to our best knowledge — the compromised systems did not contain any personal data of our players or users of our services.”

The design studio’s systems have now been secured since the assault, and the firm is now undertaking the complex task of restoring its encrypted networks.

It added:

“Although some devices in our network have been encrypted, our backups remain intact. We have already secured our IT infrastructure and begun restoring the data.”

A refusal to enter ransomware negotiations

The gaming studio also added that it has not only refused to pay the requested ransom but will also not enter into negotiations with the ransomware group to have the data that has been stolen deleted. The studio discussed the reasons for this, saying that it will not pay or negotiate when the compromised data may still be released. It did add that it is taking steps to avoid any unwanted consequences of the data being disclosed and approaching all involved who may be negatively impacted by the breach.

The recent ransomware attack against CD PROJEKT RED comes after similar assaults on other gaming studios, including Crytek, Capcom and Ubisoft.