CD Projekt ransomware hack severely disrupts work on Cyberpunk updates

CD Projekt SA said Wednesday it will delay a promised update to the much-criticized role-playing game Cyberpunk 2077, pinning the blame for its slow progress on a recent security breach. What the Polish publisher didn't say is that most of its employees have been locked out of their workstations for the past two weeks, according to people familiar with the matter.

The work stoppage is the result of a ransomware attack disclosed on Feb. 9. The extent of the disruption, which hasn't been previously reported, poses a major setback to CD Projekt's attempt to rescue a game in desperate need of repairs.

CD Projekt has said it refused to pay a ransom to the hackers. As a result, employees remain unable to log onto the company's virtual private network, making it impossible to access the systems and tools needed to do most of their jobs, said the people, requesting anonymity because they weren't authorized to talk publicly.

Although some CD Projekt employees are working from the headquarters in Warsaw, the majority are at home due to the coronavirus pandemic. CD Projekt didn't immediately respond to a request for comment.

ALSO READ: Cyberpunk maker CD Projekt sued by investor over botched launch

Despite the unplanned vacation, the hack has been a nightmare for employees. The invaders had access to their personal information including Polish identification numbers and passport details, leading the company to tell staff to freeze their accounts and report the security breach to the government and their banks, said the people familiar with the matter. Workers were also asked to ship their computers to the company's IT staff to be scanned for malware or other intrusions, the people said.

One software patch, released last month, focused on bugs and stability issues. The next major update, which was previously expected to arrive this month, is now slated for late March, the company said.

By Jason Schreier