CD Projekt Red posted an announcement on their official Facebook page today about a serious cyber-attack that was launched on their internal systems. As per the note left behind, data that was compromised and stolen includes source code data on Cyberpunk 2077, Witcher 3, Gwent, and an unreleased version of Witcher 3. Furthermore, the attackers also stole internal files including administrative, accounting, legal, HR, and investor relations information.
Holding CD Project Red‘s data as ransom is massive news. CDPR has already declared its intention to stand against this act and will hold no negotiations with the perpetrator. The effects of this remain to be seen, given the rough time CDPR already had with Cyberpunk 2077 and its console release. It is an irony that CP2077 depicts precisely this sort of activity. Nonetheless, while it may entertaining to do these things within the confines of a game, seeing this perpetrated in actual life is no laughing matter.
As a gamer and as an entrepreneur, I would say that the bigger landmine would be the internal business documentation that was stolen. Accounting records, HR records, investor information, and other documentation. These can be potentially bigger problems for CDPR down the line. The information here can be used by competitors on multiple levels to probe for weaknesses in CDPR, particularly with their talent pool.
The stolen source code is of course also still a major problem, only mitigated by the fact that the data stolen were of games already fully released and presumably protected by IP laws. Nonetheless, losing the heart of their current franchises will no doubt affect company stock prices for CDPR, which will hit investor confidence. Aside from this, it remains to be seen what immediate repercussions this will have on CDPR.