The well-known Polish game developer CDPR recently issued an announcement saying that Cyberpunk 2077 developers were attacked by ransomware, and files on some devices are currently encrypted by ransomware.
At the same time, the hackers also stated that they have collected part of the company’s data, including part of the source code, corporate internal legal affairs, human resources, and financial-related documents.
The hacker hopes to force the victim to pay a high ransom in this way, but the hacker asked the company to contact him to negotiate the ransom and did not directly disclose the amount of the ransom.
In addition, this attack is also targeted. The hacker clearly stated in the document that the source code and new version data of some popular CDPR games have been stolen.
Although this was a ransomware attack launched against CDPR, which caused some of the company’s server data to be encrypted, the hacker’s wishful thinking may be useless.
Because this company has made it clear that it will neither negotiate with hackers nor pay any ransom, even if it is at the risk of leaking the source code.
At present, the company has reported the case to the local law enforcement department. At the same time, the company’s internal engineers are already working on restoring the data.
If there is a data backup, it will not have much impact on CDPR. In fact, the main impact may be the company’s internal data. For example, human resources data may leak some private information of the company’s engineers and employees, but overall it will not have a particularly serious negative impact.
At present, the ransomware industry is quite rampant, and the widespread netting used in the industry has also become a targeted attack, that is, attacks against large enterprises and institutions.
Especially now that the ransomware industry is still prevalent in stealing files while re-encrypting files so that the stolen confidential files can be used to threaten victims to pay the ransom.
However, it is obvious that all data that is circulated on the Internet cannot disappear forever, so as long as these files are stolen, even if the ransom is paid, the security cannot be guaranteed.
Therefore, it is not a big problem for enterprises if they do a good job of daily data backup, as long as they use the backup to restore the data, there is no need to seek the decryption key.
As CDPR said, even if we pay the ransom, the stolen files may still be leaked, so we are not interested in communicating with the threat actors at all.