CD PROJEKT RED Hit by Ransomware Attack

CD PROJEKT RED tweets that they are the victims of a ransomware attack. They say no user information was compromised to their knowledge and they are restoring their data from backups. They offer a copy of the ransom note where the attackers say they have "full copies" of the source code for Cyberpunk 2077, The Witcher 3, Gwent, and "the unreleased version of Witcher 3." CDPR says they do not plan on acceding to any ransom demands, and that they are cooperating with the authorities:
Yesterday we discovered that we have become a victim of a targeted cyber attack, due to which some of our internal systems have been compromised.

And unidentified actor gained unauthorized access to our internal network, collected certain data belonging to CD PROJEKT capital group, and left a ransom note the content of which we release to the public. Although some devices in our network have been encrypted, our backups remain intact. We have already secured our IT infrastructure and begun restoring the data.

We will not give in to the demands nor negotiate with the actor, being aware that this may eventually lead to the release of the compromised data. We're taking necessary steps to mitigate the consequences of such a release, in particular by approaching any parties that may be affected due to the breach.

We're still investigating the incident, however at this time we can confirm that – to our best knowledge – the compromised systems did not contain any personal data of our players or users of our services.

We have already approached the relevant authorities, including law enforcement and the President of the Personal Data Protection Office, as well as IT forensic specialists, and we will closely cooperate with them in order to fully investigate this incident.