After CD Projekt RED refused to comply with the demands of the hacker who hacked the source code of most of the company’s latest titles with a ransomware attack, the individual leaked the source code for GWENT (its card game based on The Witcher 3) and auctioned the code for the RED Engine graphics engine and the games including Thronebreaker: The Witcher Tales, The Witcher 3 Complete Edition, the announced next-gen version of The Witcher 3 with ray tracing (to which the hacker refers such as “Witcher 3 RTX”) and Cyberpunk 2077 .

As reported by the deep web watchdog KELA, an intelligence group that has a history of closely monitoring this type of cybercrime, it appears that the data of the Polish company was sold at an auction in which up to seven million dollars were paid in Bitcoin (currency in which the hacker asked to be paid, since it cannot be traced, of course). The offer came from outside the forum where the data was being auctioned, and the buyer paid said sum on the condition that the files will not be sold further. The identity of the buyer will never be known, but it could easily have been someone from CD Projekt RED, even if they cannot publicly say so.

CD Projekt RED has yet to release an official statement on this auction, but has confirmed that the data was stolen from its servers. The company has not announced any further details.

Needless to say, this ransomware occurred at a very inopportune time for CD Projekt Red. In December, the studio released its first-person action RPG game, Cyberpunk 2077, which has been criticized for numerous bugs and lack of optimization on older consoles. The CD Projekt co-founder publicly apologized last month and promised patches that will fix the bugs, and users are waiting for patch 1.2 after 1.1 was released followed by hotfixes 1.11 and 1.12 for PC (the latter to avoid vulnerabilities with mods).