Cyberpunk 2077 Is "Far, Far Bigger Than The Witcher 3" Says Dev

[FunkMonk]

This game is something to look at:







And then there's this guy:

[Duque de Bragança]

Old-school moustaches in 2077? Why not.

[Sheilbh]

They're back in fashion in 2020

[Duque de Bragança]

They're back in fashion in 2020

Like the mullet? The mullet-mustache combo as well?

[FunkMonk]

CD Projekt got hacked and the culprits are threatening to release the Cyberpunk 2077 source code, among many other things. CDPR released the ransom note to the public on Twitter.

Perhaps not entirely surprising for a game called Cyberpunk.

[Jacob]

CD Projekt got hacked and the culprits are threatening to release the Cyberpunk 2077 source code, among many other things. CDPR released the ransom note to the public on Twitter.

Perhaps not entirely surprising for a game called Cyberpunk.

Lots of that going around.

Personally I would recommend keeping radio silence on something like this... though I guess releasing the info can serve as an excuse for slow fixes and updates.

[celedhring]

CD Projekt got hacked and the culprits are threatening to release the Cyberpunk 2077 source code, among many other things. CDPR released the ransom note to the public on Twitter.

Perhaps not entirely surprising for a game called Cyberpunk.

Lots of that going around.

Personally I would recommend keeping radio silence on something like this... though I guess releasing the info can serve as an excuse for slow fixes and updates.

EU rules force companies to communicate hacks to their countries' regulatory bodies if personal data might have been compromised. They don't need to tweet about it, but obviously since the information would have become public it's better to get in front of it ASAP.

[FunkMonk]

I feel bad for all the employees whose names, addresses, and phone numbers are very likely out in the wild now for all those insane manchildren who took personal offense at Cyberpunk 2077 not being their ultimate dream video game.

[Jacob]

EU rules force companies to communicate hacks to their countries' regulatory bodies if personal data might have been compromised. They don't need to tweet about it, but obviously since the information would have become public it's better to get in front of it ASAP.

Yeah that makes sense, though source code shouldn't have any personal data in. Of course, once compromised it's difficult to say what the hackers did or did not have access to, so of CDPR did keep customer personal data anywhere they might have no choice but to disclose.

[Jacob]

I feel bad for all the employees whose names, addresses, and phone numbers are very likely out in the wild now for all those insane manchildren who took personal offense at Cyberpunk 2077 not being their ultimate dream video game.

It's not a given that those things were accessed. If, for example, that information lived in a cloud-based HR system (very common) and the company's servers were compromised, it's not a given that the hackers gained access to any cloud-based systems.

[garbon]

I feel bad for all the employees whose names, addresses, and phone numbers are very likely out in the wild now for all those insane manchildren who took personal offense at Cyberpunk 2077 not being their ultimate dream video game.

It's not a given that those things were accessed. If, for example, that information lived in a cloud-based HR system (very common) and the company's servers were compromised, it's not a given that the hackers gained access to any cloud-based systems.

The hackers sort of claimed to though hard to know nature of what they actually took. Could just be some HR policy manuals.

[Sheilbh]

EU rules force companies to communicate hacks to their countries' regulatory bodies if personal data might have been compromised. They don't need to tweet about it, but obviously since the information would have become public it's better to get in front of it ASAP.

Yeah and given their statement I think they will have had to notify their regulator (you don't if it's low risk) because the wording of that statement is "to the best of our knowledge" no personal data was touched. Which basically sounds to me like the backdoor was open, we know someone was in our systems but we can't definitively work out what they did while they were there.

But if it was high risk given the personal data involved then they have to notify individuals (or the world for something like a game) but that statement doesn't include the information you need.

My guess based on their statement is that they probably don't have the logs to rule out access to personal data (and I imagine a lot of personal data, if not particularly interesting stuff), but it's unlikely and what they're trying to do is get ahead of the situation and manage it. Also once it's with the regulator and law enforcement it is probable that the information will come out so from a PR/reputational perspective you probably want to manage how that's presented and it makes clear that if this stuff is released that it's been stolen which makes it easier to issue injunctions against people for hosting it etc. You wouldn't have to reveal that for an injunction to work/be granted but now this is public knowledge if you host it you basically know, or should know, you're handling stolen goods.

[The Brain]

I feel bad for all the employees whose names, addresses, and phone numbers are very likely out in the wild now for all those insane manchildren who took personal offense at Cyberpunk 2077 not being their ultimate dream video game.

It's not a given that those things were accessed. If, for example, that information lived in a cloud-based HR system (very common) and the company's servers were compromised, it's not a given that the hackers gained access to any cloud-based systems.

The hackers sort of claimed to though hard to know nature of what they actually took. Could just be some HR policy manuals.

The hackers are little children?

[DGuller]

I think it's time for stuff like this to be treated on a national level.  These ransomware attacks are usually conducted across the border, so really it shouldn't be solely up to companies to defend themselves.  Defending citizens against foreign bad actors is kind of a basic job responsibility for every government.

[Razgovory]

I heard they built an annex on the eighth circle for hackers.