Earlier in the week, Witcher and Cyberpunk 2077 developer CD Projekt RED revealed that it was the target of a massive data theft by a hacking group. The hackers left a ransom message, demanding an “agreement” or else.
CD Projekt RED refused to negotiate, and now reports have emerged alleging the data has been sold off at auction for an unknown sum.
CD Projekt RED Hacked Data Reportedly Sold for Over $7 Million
IGN reported on this story after contacting KELA, which is an intelligence organization that monitors “dark web” activities. Translating forum activities, KELA broke news claiming the data was up for auction, and that the sale was closed this morning.
While we don’t have a number for the overall sale, KELA’s intel does suggest a “blitz” of $7 million USD. That’s the upfront sale number, with who know how much more agreed to privately.
Just in: #CDProjektRed AUCTION IS CLOSED. #Hackers auctioned off stolen source code for the #RedEngine and #CDPR game releases, and have just announced that a satisfying offer from outside the forum was received, with the condition of no further distribution or selling. pic.twitter.com/4Z2zoZlkV6
— KELA (@Intel_by_KELA) February 11, 2021
Other individuals in the cyberintelligence community have pointed towards the ransomware group called “HelloKitty” as responsible for the attack. Fabian Wosar said that the ransom note fits the group’s style, and that this attack “has nothing to do with disgruntled gamers.”
Meaning this incident had nothing to do with the controversies surrounding Cyberpunk 2077’s launch, and CD Projekt RED just happened to be deemed a good target.
The amount of people that are thinking this was done by a disgruntled gamer is laughable. Judging by the ransom note that was shared, this was done by a ransomware group we track as “HelloKitty”. This has nothing to do with disgruntled gamers and is just your average ransomware. https://t.co/RYJOxWc5mZ
— Fabian Wosar (@fwosar) February 9, 2021
While some of the captured data (Gwent source code) was released publicly, this was likely ahead of the auction as one of a few steps to prove it was legit. The total data stolen includes pre-release builds of The Witcher III, source code for several projects including Cyberpunk 2077, and more.
As this has been developing, CD Projekt RED has released statements claiming no customer/player or employee data was stolen, but urged ex-employees to take fraud prevention measures just to be safe.
One of the more interesting aspects of the sale, reportedly, is a condition that the purchased data cannot be sold again or distributed later. Considering the massive price tag, what the buyer intends to do with the data is a big mystery that may never be solved.