11 June 2021 at 14:17 UTC
Up to date: 11 June 2021 at 14:27 UTC
Polish gaming firm reported safety incident to a number of regulation enforcement businesses
Online game developer CD Projekt Crimson has provided an replace on its investigation right into a cyber-attack that resulted in inside information and supply code being leaked.
The corporate, which develops widespread video games together with Cyberpunk 2077 and The Witcher collection, was hit by the security breach in February.
In a statement launched final night time (June 10), CD Projekt Crimson mentioned it believes that inside information stolen throughout the assault has been shared on-line.
It reads: “In the present day, we now have realized new info concerning the breach, and now have cause to imagine that inside information illegally obtained throughout the assault is at present being circulated on the web.
“We’re not but capable of affirm the precise contents of the information in query, although we imagine it might embody present/former worker and contractor particulars along with information associated to our games.
“Moreover, we can not affirm whether or not or not the information concerned could have been manipulated or tampered with following the breach.”
Stolen supply code
In a ransom be aware left on the time, attackers claimed they’d pilfered the total supply code for widespread video video games together with Cyberpunk 2077, Witcher 3, and Gwent.
Additionally they mentioned they’d paperwork regarding CD Projekt Crimson’s accounting, administration, and authorized operations.
CD Projekt Crimson, which relies in Poland, mentioned it has knowledgeable related regulation enforcement businesses, together with its home police headquarters, Interpol, Europol, and Poland’s information privateness regulator.
It additionally mentioned that it was strengthened its safety posture within the wake of the incident by taking varied measures together with “redesigning” its core IT infrastructure, limiting the variety of privileged accounts, and entry rights to accounts, and increasing its inside safety division.
The corporate added: “We’d additionally prefer to state that – whatever the authenticity of the information being circulated – we are going to do all the pieces in our energy to guard the privacy of our staff, in addition to all different concerned events.
“We’re dedicated and ready to take motion towards events sharing the information in query.”