CD Projekt Red warns employee details may have been obtained in previous ransomware attack

CD Projekt Red warns employee details may have been obtained in previous ransomware attack
Ben Borthwick Updated on by

Posted in News

Video Gamer is reader-supported. When you buy through links on our site, we may earn an affiliate commission. Prices subject to change. Learn more

Cyberpunk 2077 developer CD Projekt Red has warned that current and former employee details may be caught up in the data stolen in a ransomware attack the studio suffered back in February.

In a statement released yesterday, the studio followed up with new information from found during its investigation into the breach. It said “We have learned new information regarding the breach, and now have reason to believe that internal data illegally obtained during the attack is currently being circulated on the Internet.”

“We are not yet able to confirm the exact contents of the data in question, though we believe it may include current/former employee and contractor details in addition to data related to our games. Furthermore, we cannot confirm whether or not the data involved may have been manipulated or tampered with following the breach.”

The studio says it is working with the appropriate authorities, including the General Police HQ of Poland and international agencies Interpol and Europol. The team have also taken additional measures to secure and harden their internal systems to prevent a similar incident happening in the future.

“We would also like to state that — regardless of the authenticity of the data being circulated — we will do everything in our power to protect the privacy of our employees, as well as all other involved parties. We are committed and prepared to take action against parties sharing the data in question.”

The studio first announced it had been the victim of a cyber attack back in February, where it said that “An unidentified actor gained unauthorised access to our internal network, collected certain data belonging to CD Projekt capital group, and left a ransom note the content of which we release to the public.” CD Projekt Red refused to capitulate to the hackers’ demands, and some of the data is reportedly circulating around the shadier areas of the internet.

Anyone who believes they may have been affected by the data breach is encouraged to get more information from and follow the guidance on the CD Projekt Red website.