CD Projekt RED using DMCA takedowns to counter stolen code leaks

The Polish developer’s data and game source codes were stolen earlier this month

CD Projekt RED is reportedly using Digital Millennium Copyright Act (DMCA) takedowns of stolen game codes on Twitter to curb the spread of its data.

According to a Vice report, the Polish game developer issued DMCA infringement notices to two Twitter users who shared links on the social media platform containing stolen source codes of several CD Projekt RED IPs. The two users’ posts were taken down on Thursday (February 18) by Twitter as a result of the copyright strikes.

A DMCA takedown typically involves any article of illegally shared data or intellectual property by a third party if they have not been authorised to do so.


The notices were sent to the users via email from a copyright monitoring firm, according to a copy of the email that was obtained by Vice’s Motherboard. The email includes a description of one of the infringement notices that reads: “Illegally obtained source code of Gwent: The Witcher Card Game. Posted without authorisation, not intended to be released to the public”.

The email also included links to tweets from three other Twitter users, whose posts have also been taken down.

CDPR announced earlier this month that it was the target of a cyber ransomware attack, and that the hackers had stolen game source codes – including titles like Cyberpunk 2077, Gwent, and an unreleased version of The Witcher 3. Also stolen were “documents relating to accounting, administration, legal, HR, investor relations and more”.

CDPR noted that it refused to give in to the hacker’s demands, and that investigations are currently underway. The hackers had threatened that CDPR’s “public image will go down the shitter”. They also alleged that “investors will lose trust in your company, and stocks will dive even lower”.

CD Projekt RED also issued a short statement on Twitter to its former employees, saying: “[We] don’t possess evidence that any of your personal data was accessed.” Regardless, the company has recommended former team members to be on the look out for fraudulent alerts.

See the tweet below.



Following the developer’s lack of cooperation, the hackers claim to have sold the stolen data. On February 11, darknet intelligence firm Kela tweeted that the hackers received “a satisfying offer” and were “forced to remove the lot from sale”.

You May Like