Cyberpunk 2077 maker refuses to play ransomware attacker’s game

This is the web version of CEO Daily. To get it delivered to your inbox, sign up here.

Good morning. David Meyer here in Berlin, filling in for Alan.

What should you do if you get attacked by online extortionists? If you’re CD Projekt, the Polish studio behind the Witcher games and recent blockbuster Cyberpunk 2077, the answer to the ransomware threat is openness.

This morning, CD Projekt announced on Twitter that someone had gotten into its internal network, stolen data, encrypted some systems, and left a ransom note—which the company also published in the tweet. The attackers threatened to release CD Projekt Red’s source code online and give journalists internal documents relating to accounting, investor relations and so on.

“We will not give in to the demands nor negotiate with the actor, being aware that this may eventually lead to the release of the compromised data,” the company said, adding that it has notified law enforcement as well as the Polish data protection authority, even though it doesn’t believe “at this time” that players’ or users’ personal data got caught up in the heist.

CD Projekt’s share price fell as much as 6% on the news, and the replies to its tweet also show a mix of schadenfreude and disbelief on the part of some gamers—Cyberpunk 2077‘s release was plagued by bugs on the PC and older consoles, so its reputation was already precarious. Perhaps the company had no choice but to get ahead of the news, given the added reputational damage that might come from trying to cover up the breach and getting found out.

But leaving aside this context, CD Projekt’s response seems to be the right one. Downplaying the ransomware threat seems foolish when it continues to grow at a rapid pace and when the extortionists are, shall we say, less than trustworthy.

The cybersecurity firm Proofpoint released a survey yesterday suggesting two-thirds of U.S. organizations got hit by ransomware infections last year, and more than half of them agreed to pay the ransom so they could quickly regain access to their data. But only 60% actually got that access after the initial payment—the rest then got additional ransom demands, which most paid.

Probably wise of CD Projekt not to play the attacker’s game, then. More news below.

David Meyer

Latest articles

Moderna begins studying potential COVID-19 vaccine booster targetting variant first detected in South Africa

Drug manufacturer Moderna says it will begin testing a variant-specific version of its COVID-19 vaccine that would target the B1351 variant first detected...

Banks And Investors Are Still Pouring Billions Into Coal Companies

Coal is the number-one single source for increasing global temperatures, with coal-fired electricity generation accounting for 30% of the world’s carbon dioxide emissions....

Sarah Hyland Dyed Her Hair Red And It’s So Gorgeous

"Sarah's been wanting to do this change for a while" ...

Climate change helped some dinosaurs migrate to Greenland

A drop in carbon dioxide levels may have helped sauropodomorphs, early relatives of the largest animal to ever walk the earth, migrate thousands...

Related articles

Leave a reply

Please enter your comment!
Please enter your name here