Witcher 3 dev forums hacked, 1.8 million accounts stolen

Usernames, passwords and email addresses stolen from the CD Projekt RED forum

Polish game development studio CD Projekt RED has had more than 1.8 million user credentials stolen from its online forum, according to data breach notification website 'Have I Been Pwned?'.

The studio, which is famous for developing the highly successful Witcher franchise, was breached in March 2016 when hackers targeted its online forum, leading to a leak of usernames, passwords and email addresses.

Those signed up to notifications through Have I Been Pwned? were alerted to the breach by email this morning, with users recommended to change their passwords "immediately".

"Whilst the breach occurred in March 2016, sometimes there can be a lengthy lead time of months or even years before the data is disclosed publicly," the message stated, in an email seen by IT Pro. "Have I Been Pwned? will always attempt to alert you ASAP, it's just a question of how readily available the data is."

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

According to the site's creator, security researcher Troy Hunt, a total of 8,110 individual subscribers received breach alerts, considered a high rate for notifications.

The forum, which is hosted on CD Projekt RED's main website, acts as a news and discussions hub, providing users with gameplay advice and technical support.

The sheer number of affected accounts represents one of the most significant data breaches to have affected a gaming community. Hackers also targeted development studio Epic Games in August 2016, when 800,000 account details were stolen from its gaming forums, although that number is now dwarfed by the latest breach.

E-sports organiser ESEA, which coordinates events for the massively popular Counter Strike, also suffered from a botched ransomware attack in December, which ultimately led to 1.5 million accounts being leaked online as a result.

IT Pro has approached CD Projekt RED for comment but did not receive a reply in time for publication. We will update this story when we hear more.

Main image credit: Thomas McMullan

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/security/ddos/28039/how-to-protect-against-a-ddos-attack
Security

How to protect against a DDoS attack

25 Oct 2019
Visit/data-breaches/29418/equifax-data-breach-cost-14-billion-so-far/page/0/1
data breaches

Ex-Equifax CIO to serve four months for insider trading

2 Jul 2019
Visit/data-breaches/29418/equifax-data-breach-cost-14-billion-so-far
data breaches

Ex-Equifax CIO to serve four months for insider trading

2 Jul 2019
Visit/data-breaches/29418/equifax-data-breach-cost-14-billion-so-far/page/0/2
data breaches

Ex-Equifax CIO to serve four months for insider trading

2 Jul 2019

Most Popular

Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019
Visit/business/business-strategy/354195/where-modernisation-and-sustainability-meet-a-tale-of-two
Sponsored

Where modernisation and sustainability meet: A tale of two benefits

25 Nov 2019