CD Projekt Red was hacked in February and internal documents and source code for "Gwent," "The Witcher 3 Wild Hunt," and "Cyberpunk 2077" were stolen. The hackers threatened to release the data unless a ransom was paid, but the studio refused. Shortly thereafter, the hackers reportedly began releasing the code, but CD Projekt attempted to contain this with a DMCA takedown notice.

Despite these efforts, earlier this month, stolen data (from source code to internal "comedy bug reels") were left in the wild by databreaches.net (via Eurogamer), and passwords for encrypted files were cracked or? reportedly shared spontaneously. In any case, it appeared that anyone who wanted to access them could.

Today, CD Projekt issued a statement confirming that the data is indeed currently online. 'While we cannot yet confirm the exact nature of the data in question, we believe that it may contain details of current/past employees and contractors, in addition to data relating to our games. 'Furthermore, we cannot confirm whether the data involved may have been manipulated or tampered with after the breach.'

CD Projekt is currently working with law enforcement agencies, including the Polish General Police Command, Interpol and Europol, and other "appropriate services (and experts)" to resolve the issue. It has also implemented a number of new internal security measures to prevent such breaches in the future:

"We make it clear that we are committed to protecting the privacy of our employees and other stakeholders, regardless of the authenticity of the data in circulation," said CD Projekt. We are committed and prepared to take action against parties who share the data in question."

While this is progress, it is also surprising (and, frankly, disappointing) that four months after the attack, CD Projekt still cannot say exactly what data was stolen and who might be affected by it. The timing of today's announcement, which came unannounced during Geoff Keighley's Summer Game Fest Kickoff live stream, also raised a few eyebrows

. I have asked CD Projekt for more information on what data was stolen during the breach and will update if I hear back.