Reading the replies there tells me I did the right thing when I decided against a career in game development over a decade ago.<p>It looks like a constant war between developers and gamers now. Developers are investing a lot of time into making their games literally addictive in the worst way possible, and not even remotely by making it fun - it's all about overpriced DLC, gambling and weird reward systems. Which has ruined mobile gaming and is now making its way into console and PC gaming. As an intern I attended a company-wide meeting where the CEO proclaimed that game quality didn't matter and making money is the sole focus. On the other side of the war, a very vocal subset of the gamers is treating gaming as the only purpose their lives have, and will viciously attack developers personally with death threats and doxxing, or review-bomb even unrelated games into oblivion if the game publisher did something wrong. Which will hardly affect the giants at all (what will you do, <i>not</i> buy the next game from a popular series?), but can crush indie developers. Not to mention the whole work culture that expects any game developer to work 80h per week for less pay because you "love gaming".<p>CDPR devs must be close to a nervous breakdown by now. Crunching for months/years despite their bosses promising it won't happen, seeing their game released too early and then ripped apart by critics and fans, and finally getting their personal data leaked.
The note makes it seem like the attackers got access to their internal network; but the (admittedly little) information I have on the subject indicates that the perforce server was hosted on the internet with username/password access (not cert based authentication as is recommended by Helix these days).<p>I suppose the IT team got overwhelmed with requests to open up the firewall for people working from home during the pandemic and just opened it for the whole internet.<p>CI runners (usually Jenkins) require a perforce user to function and those users often have very simple passwords, this is compounded by the fact that perforce itself does not have any backoff for brute force attempts.<p>Perforce assumes that it's being hosted in a secure environment.<p>The note indicates HR documents were stolen, but I have not seen any evidence of that, it is most likely posturing.
Sucks.<p>I liked cyberpunk, if only because of the story. I like games with decent - excellent stories. Sure, I wish cyberpunk could’ve been even better but it was enjoyable.<p>It’s hard to find games with good stories and lore nowadays, I think.
These hackers are clearly are a misguided bunch. CDPR is the only major studio that doesn't enforce copy protection on their games. The CEO spoke about this multiple times and that's gotten them a lot of goodwill in the gaming community.<p>The fact that some gamers and these hackers are angry that "a software company isn't immune to software bugs" is a testament to a) their lack of maturity and b) a sign of the times.<p>I hope CDPR pulls through and gets past this.
I know this is completely unrelated to the discussion but why is this not a blog post on their actual blog (<a href="https://en.cdprojektred.com/news/" rel="nofollow">https://en.cdprojektred.com/news/</a>) instead of a print screen of a bunch of text?
Does this message sound very artificial, fake to anyone? I haven't seen many ransom messages, a few have been published, but this one and the way it's screenshotted just seems so fake to me
Do companies ever give into straightforward extortion like this? It doesn't seem like it would ever make sense for a company to pay the ransom. Do hackers like these have some kind of smart play that I'm missing?
Ever since gamergate, I can't read the phrase "gaming journalism" without laughing.<p>I'm surprised the extortionists thought such a threat would work. Source code isn't really that valuable.
It's probably too early to know for sure, but do 'we' know that it was just data taken, not data modified / added?<p>I really hope they take proper measures to quarantine, re-validate, etc.