Video game developer CD Projekt S.A., the maker of “Cyberpunk 2077,” has been struck by a ransomware attack that resulted in data stolen.

The company said in a tweeted statement today it detected a cyberattack that compromised some of its internal systems Feb. 8. An unidentified actor is described as collecting certain data belonging to the CD Projekt capital group and leaving a ransom note.

The attackers claimed in the ransom note that they had stolen the source code for the games “Cyberpunk 2077,” “Witcher 3,” “Gwent” and an unreleased released version of “Witcher 3” along with documents relating to accounting, administration, legal, human resources, investor relations and more.

CD Projekt noted that although some devices in its network had been encrypted, backups remained intact and it had begun restoring data. “We will not give in to the demands nor negotiate with the actor, being aware that this may eventually lead to the release of compromised data,” the company said. The compromised systems did not include any personal data of players and users of the company’s services.

Although CD Projekt did not reveal the form of ransomware, security researcher Fabian Wosar from Emisoft Ltd. said the attack involved HelloKitty — not the cute Japanese cartoon character but a form of ransomware and a related group that has been active since November.

The amount of people that are thinking this was done by a disgruntled gamer is laughable. Judging by the ransom note that was shared, this was done by a ransomware group we track as "HelloKitty". This has nothing to do with disgruntled gamers and is just your average ransomware. https://t.co/RYJOxWc5mZ

— Fabian Wosar (@fwosar) February 9, 2021

CD Projekt added that it has contacted authorities and engaged information technology forensic specialists to investigate the attack.

“CD Projekt is the studio that produced ‘Cyberpunk 2077,’ one of the biggest and most high-profile releases across all media in 2020,” Simon Mullis, director of technical account management at endpoint security and systems management company Tanium Inc., told SiliconANGLE. “Aside from the ‘life imitates art’ nature of this story — given the subject matter of the game — this attack shows that anyone can be vulnerable to ransomware, even tech-savvy organizations.”

In companies the size of CD Projekt, which has more than 1,000 staffers, there’s often a silo between IT operations and security, Mullis explained. “This division can cut off visibility of what’s going on in a corporate network and leave organizations exposed to disruption, reputation damage and significant financial cost,” he said. “When organizations encourage collaboration between these two teams, they are more likely to achieve the high level of IT hygiene that’s needed to achieve a good level of defense against ransomware attacks.”

Jon Niccolls, an incident response lead at cybersecurity solutions provider Check Point Software Technologies Ltd., noted that these so-called double extortion ransomware attacks, where the hackers steal data and threaten to leak it unless their demands are met, are increasingly common: In the third quarter of 2020, nearly half of all ransomware incidents included a threat of releasing stolen data.

“It’s a trend that will continue to grow because it puts extra pressure on organizations to pay the ransom, or risk fines from data watchdogs if volumes of individuals’ data are compromised and publicly disclosed by the hackers,” he said.

Photo: Spy-cicle/Wikimedia Commons