Cyberpunk 2077 Development Stalled After CDPR Cyberattack Led To Revoked VPN Access

wet pavement
Yesterday, Cyberpunk 2077 developer CD Projekt Red revealed that it would be delaying the highly anticipated v1.2 Patch. Cyberpunk 2077 v1.2 is supposed to bring another round of bug fixes and performance improvements for the troubled game. At the time, CDPR would only say that the cyberattack earlier this month was responsible for the setback.

However, we're learning today the full extent of the cyberattack. According to Bloomberg's new report, CPDR locked remote employees out of their on-site workstations ever since the initial February 9th attack. This step was taken by CDPR as a security precaution, as it noted in a February 17th statement to employees:

  • Cut off remote access to internal network resources and isolated the internal network from the Internet
  • Initiated malware scans of staff PCs and launched new tools monitoring staff PCs and network activity for anomalies
  • Strengthened the password policy and forced staff to change their passwords to all network services (including those unaffected by the incident)

The lack of VPN access means that employees cannot work from home via a Virtual Private Network (VPN). To regain VPN access, some employees must ship their computers to CDPR to be scanned for malware. Without VPN access, critical work on Cyberpunk 2077 has been hampered. "Although some CD Projekt employees are working from the headquarters in Warsaw, the majority are at home due to the coronavirus pandemic," adds Bloomberg, which explains CDPR's current dire situation.

As if that wasn't bad enough, some CDPR employees had their "personal information including Polish identification numbers and passport details" compromised, according to the report. CDPR told employees to freeze their bank accounts and contact the proper authorities in the event of identity theft resulting from the epic hack.

At this time, CDPR targets a late March release for Patch 1.2, although we feel that the date could be pushed back even further given the extensive damage that the cyberattack has caused.