The information stolen from CD Projekt Red this February in its massive data breach has resurfaced, at least according to new reports. This data, which includes the source code for several of CDPR’s games, including The Witcher 3 and Cyberpunk 2077, is allegedly for sale through a new site, though how likely it is that just anyone will be able to access it is anyone’s guess.
The data was stolen from CDPR at the worst possible time: Shortly after the controversial launch of Cyberpunk 2077, which delayed a post-launch patch among other catastrophic fallout. A few months later, the source code was offered in a dark web auction but was sold for an offsite offer, with the stipulation that the hackers wouldn’t distribute or share the data further. Now it appears that the same data is now back online somehow.
According to DataBreaches, “threat actors known as Babuk” changed the name of their site to Payload Bin and offered only one leak so far: CD Projekt Red. The collective claims to have the full source codes for Thronebreaker, Witcher 3, Witcher 3 with raytracing, and Cyberpunk 2077. They also claim to have a cache of internal CDPR documents. To gain access to the data, all they’re asking for is a $10 donation, according to info on Resetera, and they’re offering developer kits on various consoles to prove they’re serious.
It makes one wonder, what happened to the buyer who purchased the data from the original hackers, who got into CDPR with the Hello Kitty ransomware? The understanding was that this data would no longer be distributed after the dust settled, and yet here we are. Meanwhile, CDPR is still hard at work improving Cyberpunk 2077, hopefully to the point where Sony will allow it to slink its way back onto the PlayStation store.