Cyber Incident Victim: CD Projekt

In March 2016, CD Projekt Red, the Polish developer of The Witcher game series, suffered a breach of its online forums that compromised 1,871,373 user accounts. The incident exposed usernames, email addresses, and passwords stored on the forum system. The breach remained undetected publicly until January 31, 2017, when HaveIBeenPwned, a breach notification service operated by security expert Troy Hunt, disclosed the incident's full scope. Hunt confirmed that 8,110 individual subscribers and 812 domain subscribers to his service were affected, describing this as a "pretty high hit rate." The compromised data appeared in public circulation approximately ten months after the initial intrusion, demonstrating the typical delay between data theft and its eventual exposure. CD Projekt Red acknowledged the breach through a forum statement but provided minimal technical details about the attack vector or intrusion timeline.

Affected users began receiving automated alerts from HaveIBeenPwned on January 31, 2017, prompting discussions on platforms like The Witcher's Reddit community. One user noted the widespread notifications while urging others not to blame the developer excessively, stating "f**k ups happen." The company's primary response consisted of advising forum users to change their passwords as a precautionary measure. This incident formed part of a broader pattern of gaming-related breaches during the period, including a separate compromise of Supercell's Clash of Clans forums affecting 1.1 million accounts in 2025. The CD Projekt Red breach highlighted persistent security challenges facing online gaming communities despite increasing awareness of credential protection practices.