CD Projekt Red: Ransomware attack
Polish video game maker CD Projekt confirmed that they were victims of a targeted cyberattack, compromising internal systems. The company, which is known for hugely popular games such as The Witcher and Cyberpunk 2077, identified its internal network’s unauthorised access, where the actor collected data belonging to CD Projekt Capital Group.
The attacker left a ransom note, threatening to release the data to the public if the ransom was not paid within 48 hours.
Cyber-attacks continue to show an upward trend, as more companies rely on digital technologies and new vulnerabilities are presented as more people work remotely.
See the post here: https://twitter.com/cdprojektred/status/1359048125403590660
How CD Projekt responded to the ransomware
CD Projekt has publicly stated that it will not give in to the demands of the ransomware. Certain data held on network devices have been encrypted. However, the video game maker has backups, which remain intact.
The company is now restoring its data from the backup and has removed the vulnerabilities that enabled the cyber attack. CD Projekt acknowledges that refusing the ransomware demands may lead to the compromised data being made public. However, initial analysis indicates that no personal data of gamers, employees, and ex-employees have been collected.
CD Projekt has taken the appropriate steps of reporting the incident to law enforcement and the relevant authorities, including the President of the Personal Data Protection Office. Forensic IT specialists are investigating the incident, and the company continues to cooperate with authorities, who will thoroughly investigate the incident.
CD Projekt has stated that it will contact any parties that may be affected by the breach.
Unfortunately, this is not the first time that the company has suffered a ransomware attack. In 2017, early work on the Cyberpunk 2077 game was hacked. Following its launch, Microsoft and Sony offered players refunds, citing poor performance and bugs.
Protecting your business from ransomware
High-value businesses and SMEs continue to be at risk of ransomware attacks. The repercussions are often severe, damaging brand reputations, exposing personal data, and receiving fines.
While it is impossible to remove cybersecurity risks altogether, it is vital that businesses take a preemptive approach to security. Penetration testing and vulnerability scanning are the foundation of good cybersecurity and should be scheduled regularly.
To arrange pen testing and vulnerability scanning for your organisation, please contact Omnicyber Security.