In the midst of the Summer Game Fest kickoff, Witcher and Cyberpunk 2077 developer CD Projekt Red quietly let it slip that its February data breach was quite a bit more damaging to the company — and it’s employees — than previously thought. While the studio previously stated the code source for both The Witcher 3 and Cyberpunk 2077 had been stolen during the cyber attack, the company now has reason to believe the stolen information is now circulating the internet and is not solely related to its games, but rather contains “current/former employee and contractor details in addition to data related to [their] games.”
In an effort to put an end to this breach, CD Projekt is reportedly “working together with an extensive network of appropriate services, experts, and law enforcement agencies, including the General Police Headquarters of Poland.” The company also confirmed it has contacted both Interpol and Europol to help with the investigation.
Furthermore, CD Projekt included a list of actions its taken to prevent a data breach from happening again, including an IT infrastructure redesign, a new “remote-access solution,” a limitation on several account’s access, an internal security team expansion, and more. The developer is also assuring former employees and “involved parties” — most likely referring to contracted workers and various PR contacts — it will be doing “everything in its power” to protect their privacy as the details of the breach unfold.
“We would also like to state that — regardless of the authenticity of the data being circulated — we will do everything in our power to protect the privacy of our employees, as well as all other involved parties. We are committed and prepared to take action against parties sharing the data in question.”