Cyberpunk 2077 developer CD Projekt Red has been hit by what it describes as a "targeted cyber attack."
The Polish studio explained it discovered the breach on February 8, and that some of its internal systems and data were compromised as a result.
"An unidentified actor gained unauthorized access to our internal network, collected certain data belonging to CD Projekt capital group, and left a ransom note (pictured below) the content of which we release to the public," reads a studio statement.
"Although some devices in our network have been encrypted, our backups remain intact. We have already secured our IT infrastructure and begun restoring the data."
The company's investigation into the breach is still ongoing, but at the time of writing it doesn't look like any personal player data was leaked.
CD Projekt said it has contacted the relevant authorities -- including law enforcement, IT forensic specialists, and the president of the Personal Data Protection Office -- to assist with its investigation.
The studio has also refused to co-operate with the perpetrator, who claims to have obtained the entire source code for Cyberpunk 2077, The Witcher 3, Gwent, and "the unreleased version of Witcher 3," along with HR, administrative, legal, investor, and accounting documents.
"We will not give in to the demands nor negotiate with the actor, being aware that this may eventually lead to the release of the compromised data. We are taking necessary steps to mitigate the consequences of such a release, in particular by approaching any parties that may be affected by the breach."
Update: CD Projekt has tweeted a followup, suggesting that former employees of the studio take precautions like enabling fraud alerts or reaching out to CDPR's privacy team via email, though it currently doesn't have any evidence saying ex-employees' data was included in the breach.