CD Projekt Red Says Internal 'Cyberpunk 2077' Files Are Being Ransomed

CD Projekt Red announced that someone is ransoming internal documents, some of them related to the upcoming Cyberpunk 2077 RPG, in exchange for an undisclosed sum. The company said it "will not be giving in" to the demands, which could result in the files being published.

Cyberpunk 2077 was announced in 2012, and details about the game have been scarce ever since. CD Projekt Red has said the game will use an updated version of the engine used in The Witcher 3: Wild Hunt, the wildly successful open-world RPG that debuted in May 2015, and that it will feature a multiplayer element. That's about it--the Polish game developer has otherwise stayed pretty mum about Cyberpunk 2077's details.

That could leave some champing at the bit for the chance to learn more about the game, which could explain why somebody thought CD Projekt Red might pay a ransom in exchange for keeping internal documents private. But it doesn't seem like the developer's going to cave to any demands. Here's some of what CD Projekt Red said about the situation in a statement published on Twitter earlier today:

The documents are old and largely unrepresentative of the current vision for the game. Still, if you're looking forward to playing Cyberpunk 2077, it would be best for you to avoid any information not coming directly from CD PROJEKT RED. [...] When the time is right, you will hear about Cyberpunk 2077 from us -- officially.

Holding documents for ransom has become increasingly common over the last year. Often this takes a different form, where attackers encrypt the files and promise to unencrypt them if they're paid, often in Bitcoin. Ransomware can make it hard for companies to operate--especially if the extortionists manage to affect critical files--but their information usually stays private. CD Projekt Red's situation differs in that it seems like the files were merely stolen, not encrypted or otherwise compromised. This scheme appears to be limited to someone looking for hush money.

This isn't the first time CD Projekt Red has been targeted. Earlier this year, details emerged about a March 2016 hack of the company's forums that compromised the usernames, email addresses, and salted passwords of nearly 1.9 million people. Information from that hack may have been used to gain access to CD Projekt Red's internal files, but for now it doesn't seem like a coordinated attack on the game developer.

Nathaniel Mott
Freelance News & Features Writer

Nathaniel Mott is a freelance news and features writer for Tom's Hardware US, covering breaking news, security, and the silliest aspects of the tech industry.

  • mubin
    I wanna play the game, dont want to read some file that my spoil my taste of Cyberpunk 2077. After playing Witcher 3, i am waiting for CD Projekt Red's next big hit.
  • hahmed330
    Never negotiate with hacker scùm... If you do it never ends...
  • clonazepam
    I hope moderators of this forum and others treat it as stolen property and don't allow it to be shared anywhere. If you come across this information and think you'd like to share it with others, consider yourself trafficking stolen goods. That's my 2 cents.
  • CyberPunkWarrior
    It all sounds like a very good marketing campaign for me. And also like the plot of a Cyberpunk 2020 game: a netrunner steals files from a corporation and then asks for a ransom for them. In the game, though, they would sell it to a Fixer, but in this case, is released on the net.

    And as a marketing move is BRILLIANT: they have the people talking about the game like crazies without showing a single image of it. Also, the timing is convenient: so close to E3, and with a statement said shortly ago that the marketing campaign was already planned. If this is a marketing campaign, is the work of a GENIOUS.

    Credit: I got the theory from here:
  • hoofhearted
    Sounds like a publicity stunt.
  • RomeoReject
    I doubt that it's a publicity stunt, given how quick they are to distance themselves from it. They also wouldn't be point out the poor quality of the stolen files if they were using it to build hype.