Not for their programmers. Be one hell of a misplaced comma for CP2077 though considering all the issues present.
Definitely kudos to CDPR for making this public, and thanks for the heads up.
Apart from that: That dude mentions that he hacked into a CI-server. I would assume that server was unpatched and had a door open to the internet. Which wouldn't surprise me with most folks in home-office these days requiring remote access.
Yes, that kind of stuff shouldn't happen and yet it does - not just to CDPR. Other companies most certainly had the same thing happen to them, but just quietly restored the backups and never talked about it.
The attacker most certainly downloaded a few recent (or even not-so-recent) builds that were still cached and (allegedly) unreleased patches. Again: Meh! Source code is not a mythical resource that gives you special powers. Had he been able to modify sources of the Galaxy client, Gwent, or GOG server applications to perhaps introduce a backdoor, this would have been a whole different story, but this is apparently not the case.
He then encrypted all servers he could encrypt - and in doing so accidentally just told CDPR which system he could access and which he couldn't.
He also didn't mention e-mails or anything of importance, really, so I he likely didn't have those, else he would have surely bragged about it.
My bet is that he only had the CI server and maybe read-access to a public file server within the company, as the later would likely have had all the random documents he bragged about having. Most companies have some sort of badly secured, lazy network share which every employee and every other server typically has access to, where you shouldn't store anything important and that yet nobody usually bothers to clean up in any reasonable intervals.
I guess what people should take away from this is that the question is not wether a system "can" be hacked, but "when". The only data that is perfectly save is the data you never collected in the first place.