Industry News

Cyberpunk 2077 developers blackmailed after hackers steal plans for upcoming video game

Are you such a video game fanatic that you simply can’t wait to get your paws on sneak previews of upcoming hit titles?

If so, your fervour may be fuelling the criminal activities of an unnamed group of who have targeted a developer of highly popular video games.

Best known for developing The Witcher series of role-playing video games, CD Projekt Red took to Twitter to announce that it had been approached by extortionists who claimed to have stolen files from the company, including “documents connected to early designs for the upcoming game, Cyberpunk 2077.”

CD Projekt Red says it will not pay the ransom being demanded by the thieves, who are threatening to release the stolen files to the general public:

“We will not be giving in to the demands of the individual or individuals that have contacted us, which might eventually lead to the files being published online. The appropriate legal authorities will be informed about the situation.”

“The documents are old and largely unrepresentative of the current vision for the game. Still, if you’re looking forward to playing Cyberpunk 2077, it would be best for you to avoid any information not coming directly from CD PROJEKT RED.”

I applaud CD Projekt Red’s refusal to pay a ransom. Paying extortionists always runs the risk of encouraging blackmailers to strike again, putting not just your own company but others at further risk.

No release date has yet been announced by the Polish game studio for Cyberpunk 2077, which has been in development for years and is keenly anticipated by the game maker’s fans.

For CD Projekt RED, the danger is not just whether assets belonging to the game leaking into the public domain mess up its marketing strategy. There is also the risk that the gaming community will be unimpressed with any sneak previews of early versions of the game stolen by the hackers, and puncture the hype machine.

Recent months have seen a rise in attacks where hackers have threatened to release a company’s intellectual property onto the net unless a ransom is paid.

A month ago, for instance, The Dark Overlord hacking group attempted to blackmail money out of Netflix, before deciding to leak as-yet unaired episodes of hit TV show “Orange is the New Black.”

The same hacking group has previously published 180,000 medical records – including insurance and social security numbers, dates of birth, and payment information – after healthcare firms refused to give in to their demands.

Most recently, a chain of cosmetic surgeries in Lithuania warned that hackers were threatening to release the personal details of clients, including photographs.

Readers with longer memories may recall that in September 2003, a German hacker leaked the source code of the game Half-Life 2 onto the internet, much to the delight of internet users who had become fed up with waiting for the long-awaited video game.

It doesn’t matter that it’s not credit card data or passwords that are being stolen – theft is theft. Just because it’s a video game’s plans and designs that are being held for ransom by the hackers doesn’t make any difference. The threat is real – and could have a commercial impact on the game’s producer.

CD Projekt Red should be applauded for being so transparent about what has happened, as it’s easy to imagine many firms would rather sweep bad news like this under the carpet. What we need now is for game fanatics to exercise some patience and self-control, and resist the urge to hunt out a game before the manufacturer is ready to release it officially themselves.

About the author

Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.

Add Comment

Click here to post a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.