CD Projekt shared an update on the February security breach yesterday, providing new information on the data that may have been leaked.
According to the message shared on the company’s Official Website, CD Projekt believes that current and former employee and contractor details may have been leaked in addition to the data related to the company’s games like The Witcher 3 and Cyberpunk 2077 source code.
We are not yet able to confirm the exact contents of the data in question, though we believe it may include current/former employee and contractor details in addition to data related to our games. Furthermore, we cannot confirm whether or not the data involved may have been manipulated or tampered with following the breach.
CD Projekt also confirmed that they have now taken multiple measures to improve their security and prevent future breaches.
Since the breach, we have taken multiple measures to secure and harden our internal systems to protect against breaches like this in the future. These measures include the following:
- CD Projekt core IT infrastructure has been redesigned and rolled out;
- new next-generation firewalls with advanced anti-malware protection have been implemented;
- a new remote-access solution has been employed;
- the number of privileged accounts, and access rights to accounts, has been limited;
- a new mechanism for the protection of endpoints, servers, and networks has been installed;
- our event-monitoring mechanisms have been improved;
- we have expanded our internal security department;
- we have established cooperation with multiple external cybersecurity & IT specialists.
We would also like to state that — regardless of the authenticity of the data being circulated — we will do everything in our power to protect the privacy of our employees, as well as all other involved parties. We are committed and prepared to take action against parties sharing the data in question.
More information on the CD Projekt security breach can be found at this link.