Cyber Incident Victim: Big Cheese Studio SA
Date:
Jan 2025
Location:
Poland
Summary
Big Cheese Studio SA experienced unauthorized access to its IT systems by individuals using the pseudonym Abuse1337, who demanded a ransom of 100,000 PLN in cryptocurrency under threat of public data disclosure. The company confirmed no data loss, initiated measures to secure its systems, and is assessing the breach's scope while collaborating with external providers to restore functionality, including its website. Development operations remain unaffected, and legal actions are being pursued in coordination with a law firm to address the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On January 24, 2025, Big Cheese Studio S.A., a company based in Łódź, experienced a cybersecurity breach during morning hours. Unidentified individuals operating under the pseudonym Abuse1337 compromised the company’s IT systems, potentially gaining access to internal information and data repositories. The attackers issued a ransom demand of 100,000 Polish złoty in cryptocurrency, threatening to publicly release the company’s data if payment was not made. The company’s management immediately initiated verification procedures to assess the scope of the breach, focusing on identifying the specific systems compromised and the extent of data accessed. No data loss occurred, and the company implemented measures to secure its remaining information assets. The incident did not disrupt ongoing game development projects, according to the management’s initial assessment.
Big Cheese Studio collaborated with external service providers to activate incident response protocols aimed at neutralizing the threat and restoring system functionality. Recovery efforts included work to bring the company’s website back online, though the article did not specify whether the site was fully disabled or partially impacted. Concurrently, the management engaged a legal firm to explore potential legal actions related to the breach. The company emphasized continuous efforts to eliminate vulnerabilities and restore normal operations but did not disclose technical details about the attack vector, data types involved, or whether the ransom was paid. No customer, employee, or financial data specifics were mentioned in the report, and the investigation into the breach’s origins remained ongoing at the time of the disclosure.