IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Witcher 3 dev forums hacked, 1.8 million accounts stolen

Usernames, passwords and email addresses stolen from the CD Projekt RED forum

Polish game development studio CD Projekt RED has had more than 1.8 million user credentials stolen from its online forum, according to data breach notification website 'Have I Been Pwned?'.

The studio, which is famous for developing the highly successful Witcher franchise, was breached in March 2016 when hackers targeted its online forum, leading to a leak of usernames, passwords and email addresses.

Those signed up to notifications through Have I Been Pwned? were alerted to the breach by email this morning, with users recommended to change their passwords "immediately".

"Whilst the breach occurred in March 2016, sometimes there can be a lengthy lead time of months or even years before the data is disclosed publicly," the message stated, in an email seen by IT Pro. "Have I Been Pwned? will always attempt to alert you ASAP, it's just a question of how readily available the data is."

According to the site's creator, security researcher Troy Hunt, a total of 8,110 individual subscribers received breach alerts, considered a high rate for notifications.

The forum, which is hosted on CD Projekt RED's main website, acts as a news and discussions hub, providing users with gameplay advice and technical support.

The sheer number of affected accounts represents one of the most significant data breaches to have affected a gaming community. Hackers also targeted development studio Epic Games in August 2016, when 800,000 account details were stolen from its gaming forums, although that number is now dwarfed by the latest breach.

E-sports organiser ESEA, which coordinates events for the massively popular Counter Strike, also suffered from a botched ransomware attack in December, which ultimately led to 1.5 million accounts being leaked online as a result.

IT Pro has approached CD Projekt RED for comment but did not receive a reply in time for publication. We will update this story when we hear more.

Main image credit: Thomas McMullan

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Ten ways to protect your company from the next big data breach
data breaches

Ten ways to protect your company from the next big data breach

18 Feb 2022
Gumtree site code made personal data of users and sellers publicly accessible
data protection

Gumtree site code made personal data of users and sellers publicly accessible

16 Dec 2021
Pizza chain exposed 100,000 employees' Social Security numbers
data breaches

Pizza chain exposed 100,000 employees' Social Security numbers

19 Nov 2021
83% of critical infrastructure companies have experienced breaches in the last three years
cyber security

83% of critical infrastructure companies have experienced breaches in the last three years

11 Nov 2021

Most Popular

Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022
Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
Electrical explosion reported at Google's Iowa data centre
data centres

Electrical explosion reported at Google's Iowa data centre

9 Aug 2022