The hacker behind the CDPR ransomware attack on have recently put source codes for Witcher 3, Cyberpunk 2077 and Gwent for auction on a website called EXPLOIT. The news was reported by Tom’s Hardware via. vx-underground, also subsequently picked up by VGC.
Citing Fabian Wosar, Bleeping Computer wrote an article linking the server hacks to a group called HelloKitty.
The amount of people that are thinking this was done by a disgruntled gamer is laughable. Judging by the ransom note that was shared, this was done by a ransomware group we track as "HelloKitty". This has nothing to do with disgruntled gamers and is just your average ransomware. https://t.co/RYJOxWc5mZ
— Fabian Wosar (@fwosar) February 9, 2021
This is following CDPR’s non-compliance with the hacker in coming to an agreement according to a statement issued by the company on the day the hack was revealed; the hacker had given 48 hours to the company threatening a leak in case the agreement fell through. CDPR has also claimed that none of their ex-employees’ data were affected but have also advised caution against fraud calls in the future.
CD Projekt Red stocks took a sharp nosedive on 9th February falling as low as 15 points. As of today, it stands at 269.59 PLN.
To our ex employees: As of this moment, we don't possess evidence that any of your personal data was accessed. However, we still recommend caution (i.e. enabling fraud alerts). If you have questions, please write to our Privacy Team dpo[at]https://t.co/0UUMoqT5tF
— CD PROJEKT RED (@CDPROJEKTRED) February 9, 2021
The starting bid is valued at $1kk ($1,000,000) and includes source codes of other CDPR games like Thronebreaker: The Witcher Tales, Witcher 3 RTX, internal documents as well as files pertaining allegedly to all offences committed by CDPR. The minimum bid is set at $500,000. The ceiling is set at $7,000,000, obtaining which, the stolen documents will be sold immediately.