CEO DailyCFO DailyBroadsheetData SheetTerm Sheet

Cyberpunk 2077 maker refuses to play ransomware attacker’s game

February 9, 2021, 11:08 AM UTC

This is the web version of CEO Daily. To get it delivered to your inbox, sign up here.

Good morning. David Meyer here in Berlin, filling in for Alan.

What should you do if you get attacked by online extortionists? If you’re CD Projekt, the Polish studio behind the Witcher games and recent blockbuster Cyberpunk 2077, the answer to the ransomware threat is openness.

This morning, CD Projekt announced on Twitter that someone had gotten into its internal network, stolen data, encrypted some systems, and left a ransom note—which the company also published in the tweet. The attackers threatened to release CD Projekt Red’s source code online and give journalists internal documents relating to accounting, investor relations and so on.

“We will not give in to the demands nor negotiate with the actor, being aware that this may eventually lead to the release of the compromised data,” the company said, adding that it has notified law enforcement as well as the Polish data protection authority, even though it doesn’t believe “at this time” that players’ or users’ personal data got caught up in the heist.

CD Projekt’s share price fell as much as 6% on the news, and the replies to its tweet also show a mix of schadenfreude and disbelief on the part of some gamers—Cyberpunk 2077‘s release was plagued by bugs on the PC and older consoles, so its reputation was already precarious. Perhaps the company had no choice but to get ahead of the news, given the added reputational damage that might come from trying to cover up the breach and getting found out.

But leaving aside this context, CD Projekt’s response seems to be the right one. Downplaying the ransomware threat seems foolish when it continues to grow at a rapid pace and when the extortionists are, shall we say, less than trustworthy.

The cybersecurity firm Proofpoint released a survey yesterday suggesting two-thirds of U.S. organizations got hit by ransomware infections last year, and more than half of them agreed to pay the ransom so they could quickly regain access to their data. But only 60% actually got that access after the initial payment—the rest then got additional ransom demands, which most paid.

Probably wise of CD Projekt not to play the attacker’s game, then. More news below.

David Meyer
@superglaze

david.meyer@fortune.com

TOP NEWS

OpenLux

Anti-corruption investigators have followed up on the half-decade-old LuxLeaks exposé with a new investigation showing that Luxembourg "functions as an offshore hub in the heart of Europe," with many companies established there being "owned by people with political exposure, corrupt officials, and even organized criminal groups." Luxembourg strenuously denies the accusation. OCCRP

Chinese vaccine

The COVID-19 vaccine from China's Cansino is 90.1% effective at preventing severe illness and 65.7% effective at preventing symptomatic cases, according to Pakistan's health minister. The good news: it's another single-shot vaccine, like J&J's, which makes it easier than most to roll out. The bad news: like the other Chinese contenders, Sinopharm and Sinovac, Cansino has not published much data beyond flashy headline efficacy figures. Fortune

Reddit valuation

Reddit's valuation doubled to $6 billion in a new funding round that came as the online-community platform garnered attention from its role in the WallStreetBets/Gamestop frenzy. CEO Steve Huffman: "Valuations are very high right now. It never hurts to raise money when there’s an opportunity to do so and Reddit had a strong year." Fortune

HKEX CEO

Hong Kong's stock exchange has picked Nicolas Aguzin, currently chief executive of J.P. Morgan's international private bank, as its new CEO. As Fortune's Naomi Xu Elegant explains: "Picking Aguzin may represent a balance between a chief executive with global expertise and one with local experience." Fortune

AROUND THE WATER COOLER

Tesla's bitcoins

Fortune's Shawn Tully is less than impressed with Elon Musk and Tesla's decision to buy $1.5 billion worth of Bitcoin, and asks how Tesla will make a return on the investment: "Selling coins even at a profit…would send the opposite message from the ringing endorsements that have helped recharge Bitcoin. Elon Musk is a great visionary. Did his vision extend to wondering what happens if he starts taking Bitcoin profits? Or the damage to Tesla if a phenomenon that bearing all the earmarks of a classic bubble explodes?" Fortune

Antitrust competition

China's big antitrust push works towards its goal of becoming a self-sufficient tech superpower, writes the University of Hong Kong's Angela Huyue Zhang in a piece for Fortune: "The Chinese government views antitrust law as a powerful multipurpose tool not only for tackling monopolies, but also for achieving a wide variety of policy objectives, such as maintaining price stability, industrial planning, and trade and foreign policy." Fortune

Trade deal

The U.S.' big "phase one" trade agreement with China a year ago turned out to be a complete bust, according to a new report from the Peterson Institute for International Economics (PIIE). The institute detailed the many ways in which China underdelivered on its commitments—for reasons ranging from the oil-price collapse to the continued existence of high tariffs imposed during the trade war. Fortune  

Class actions

Thanks to a change in EU law, a wave of class-action lawsuits is likely to engulf Big Tech a few years from now. Some countries already allowed such collective-redress mechanisms, but now the rules are being harmonized across the EU, and consumer-rights groups will also be able to coordinate across borders to build their cases. Politico

This edition of CEO Daily was edited by David Meyer.