“We are not yet able to confirm the exact contents of the data in question, though we believe it may include current/former employee and contractor details in addition to data related to our games.â€.
A week later, the company maintained that the probability of employee personal data being disclosed was “low.†It went on to say that “after our investigation, we have not found any evidence that any personal data was actually transferred outside the company network†and that “due to the attackers’ course of action, we may never be able to say for certain if they actually copied any personal data.â€.It’s not clear why it took CD Projekt Red four months to determine that employee data has likely been affected.Your California Privacy Rights | Do Not Sell My Personal Information