CD Projekt has presented new information in connection with the hacking attack on the company's servers that took place in February this year. The Polish company - responsible for The Witcher series and Cyberpunk 2077, among others - says it has reasons to believe that the information stolen by hackers and available on the Internet are not only source codes of some games but also personal data of current and former employees.
In an official note posted on the Polish company's website we can read that at the moment it is difficult to say whether the stolen personal data have not been modified or manipulated in some way. CD Projekt declares cooperation with law enforcement agencies, including Interpol and Europol and assures that it will make every effort to protect the privacy of its employees. To this end, the company has taken a number of measures.
"Since the breach, we have taken multiple measures to secure and harden our internal systems to protect against breaches like this in the future. These measures include the following:
- our core IT infrastructure has been redesigned and rolled out;
- new next-generation firewalls with advanced anti-malware protection have been implemented;
- a new remote-access solution has been employed;
- the number of privileged accounts, and access rights to accounts, has been limited;
- a new mechanism for the protection of endpoints, servers, and networks has been installed;
- our event-monitoring mechanisms have been improved;
- we have expanded our internal security department;
- we have established cooperation with multiple external cybersecurity & IT specialists."
Recall that the company fell victim to a hacking attack in February this year, about which it immediately informed the whole world. At first, it seemed that the data stolen by hackers included "only" source codes of Cyberpunk 2077, The Witcher 3 and Gwent - the first two were to be sold on auctions in the darknet, and links leading to the third were distributed via Twitter. Now it appears that much more data was stolen.
The company's attitude in the face of the theft was admirable - they refused to pay the ransom and rejected attempts of any negotiation by the hackers. Instead, CD Projekt decided to fight the criminals, the consequence of which is today's announcement.