CD Projekt Red has released a Twitter announcement stating what exactly happened during and after the February security breach, and it hasn't been pretty. In the post, it was explained that new information has been gathered, and now CD Projekt Red "has reason to believe that internal data illegally obtained during the attack is currently being circulated on the Internet." What does this mean? Well, while CD Projekt Red obviously "can't confirm the exact contents of the data in question", they do believe that former and current employee and contractor details in addition to data from CD Projekt Red games has been leaked online. They also don't know if the data has been manipulated or tampered with in the following months since the breach occurred.
As you see in the above Tweet, it links to a site where more information has been posted. CD Projekt Red is in contact with the General Police Headquarters of Poland, Interpol, and Europol. Information has also been shared with the President of the Personal Data Protection Office (PUODO).
What's Been Done?
When you have a breach as significant as CD Projekt Red's, changes have to be made. These include:
- Core IT infrastructure has been redesigned and implemented.
- Next-generation firewalls with "advanced anti-malware protection" has been implemented.
- A new remote-access solution has been added.
- The number of privileged accounts (along with access rights to said accounts) has been limited.
- A new mechanism that protects endpoints, servers, and networks has been added.
- Event-monitoring mechanisms has been improved.
- The internal security department has been expanded.
- Cooperation with multiple external cybersecurity and IT specialists has been established.
If you would like to see the full post, be sure to go here. There's also a page where you can see what CD Projekt Red sent to former employees and contractors here. For more information, stay tuned to TechRaptor.