Leaked CD Projekt data "may include" employee and contractor details, according to the developer

CD Projekt's data breach situation continues to get worse.

Seemingly hoping everyone will be too busy with Summer Game Fest and E3 to notice, CD Projekt has posted an update on its security breach.

The developer said in a post that while it is unable to confirm the exact content of the stolen data, it is aware that the data is being shared online. To that end, CD Projekt believes it "may" include employee and contractor details, for current and former staff. The developer also confirmed that the packages contain "data related to our games."

The update comes in the wake of a second wave of leaks, which is said to contain more sensitive data, such as game source code, bug montages intended for internal use, and even censor flags for different content, including one specifically for China.

CD Projekt added that since being made aware of the breach in February, the studio has redesigned its IT infrastructure, expanded its security department, installed "next-generation" firewalls with advanced detection, limited account privileges, and increased monitoring mechanisms.

In response to the new leaks, CD Projekt said it's working with a network of experts and law enforcement agencies, including the General Police Headquarters of Poland. The developer has also contacted the Interpol and Europol, and presented a case to the President of the Personal Data Protection Office (PUODO).

"We would also like to state that - regardless of the authenticity of the data being circulated - we will do everything in our power to protect the privacy of our employees, as well as all other involved parties," CD Projekt's statement reads. "We are committed and prepared to take action against parties sharing the data in question."