As expected, hackers who illegally obtained sensitive CD Projekt Red data in a recent attack, have begun distributing it online.
Earlier this week, CD Projekt Red revealed that it has fallen victim to a major ransomware attack. The studio was asked to contact the perpetrators and come to an agreement, which it refused.
Unsurprisingly, the hackers are now making good on their threats, showing snippets of what they obtained as part of this attack. According to a Cybernews report, hackers have leaked the source code for Gwent on some hacking forum. The post included links to a Mega.NZ archive, though they were later deactivated.
The language of the forum post, and the fact it was titled “CDProject Leak #1” suggest that more will follow in what’s known as a double extortion technique, whereby the perpetrators continue to apply pressure by releasing more and more information, in the hopes of convincing the target to change their mind and pay the ransom. Indeed, the readme file included with the leak says to expect another to follow today.
According to a metadata analysis by Cybernews, the files were transferred on February 6. A different user on a private forum, said to be linked to the leak, also suggested more leaks concerning The Witcher 3, Witcher 3 RTX, Cyberpunk 2077, and Thronebreaker will be made today. According to that person, some of the data is being auctioned off on the same forum.
There’s more at the link. Though nothing major has yet to be published, the implications are severe for CD Projekt Red. As we’ve recently seen with Capcom and Nintendo leaks, so much of the studio’s business secrets and propriety software could be out in the wild.