CD Projekt Red (CDPR) was the internet’s favorite developer just a few months ago, but the tide has turned following the troubled release of Cyberpunk 2077. In true cyberpunk fashion, things are getting even worse for CDPR today following a major cyberattack. The perpetrators claim to have swiped source code to the company’s games, as well as embarrassing internal documents. All will be released unless CDPR pays up, which it says it isn’t going to do.
The unnamed attackers were able to CDPR’s Perforce server, which is a software development and management platform. From this, the attackers claim to have extracted the source code for The Witcher 3 and Cyberpunk 2077. In addition, they vacuumed up PR, administration, and investor relation documents. This was technically a ransomware event, so the attackers encrypted CDPR systems.
The threat, then it two-fold: pay up to get the decryption key and prevent the perpetrators from releasing the data. CDPR points out it had backups and has already started restoring them — the Polish dev will not be negotiating with the attackers, so the release of data might be inevitable. Assuming, of course, that this isn’t a bluff on the part of the attackers. In its statement, CDPR clarifies that the stolen data does not contain any personal information belonging to players.
An investigation is ongoing, and CDPR says it has fixed the security hole that allowed the attackers access in the first place. It didn’t address the claim that sensitive information was in the wild and might appear for download at some point. Likewise, the developer didn’t talk about how, if at all, this attack will slow its progress on fixing Cyberpunk 2077.
Important Update pic.twitter.com/PCEuhAJosR
— CD PROJEKT RED (@CDPROJEKTRED) February 9, 2021
CDPR has been teasing Cyberpunk for the better part of a decade, but the launch in late 2020 was a disappointment for many. The game didn’t run well on current-generation consoles, and even on the PC, you needed a very expensive video card to turn on any of the fancy lighting effects. This is also coming at a time when high-end PC hardware is more expensive and harder to find than usual. The developer has promised several major updates to address the performance issues, but the design of the world has also drawn criticism. For example, Night City police will simply spawn on foot wherever you are when you’ve got a wanted level, but you can’t get in a car chase. Another thing you can’t do in Night City: get a haircut. That’s a little too close to reality right now.
Clearly, CDPR still has a lot of work to do on Cyberpunk, and this will probably delay things. If the attackers do end up releasing or selling the stolen data, maybe we’ll see some internal documents that help explain how Cyberpunk ended up such a mess.
Plex Media Servers Being Used to Amplify DDoS Attacks
The researchers claim that a Plex server, properly utilized, can increase the size of DDoS packets by almost five times, making these attacks much more damaging. There's not much Plex users can do about it right now, either.
Apple Files Lawsuit Against NSO Group for its Pegasus Spyware Attacks
Apple has announced a lawsuit against NSO Group and its parent company over its Pegasus spyware, seeking to prevent the group from using any of Apple's services and hardware in the future.
Nvidia Hit by Possible Cyber Attack
Reports indicate the attack began at the same time as the Russian incursion into Ukraine.
A New Biogel Claims to Repair Heart Attack Damage
The human heart has a hard time healing on its own. This gel might give it the boost it needs to prevent further heart complications after cardiac arrest.