CD Projekt Red was the victim of a ransomware attack, during which an "unidentified actor" stole data from the studio's internal network.
The Cyberpunk 2077 developer disclosed the incident on Twitter, saying that "some of [its] internal systems have been compromised." It also shared the ransom note from the hacker, who claims to have stolen the source codes for Cyberpunk 2077, The Witcher 3, Gwent, and "the unreleased version of Witcher 3."
"We have also dumped all of your documents relating to accounting, administration, legal, HR, investor relations, and more," the message continued. "If we will not come to an agreement, then your source codes will be sold or leaked online and your documents will be sent to our contacts in gaming journalism."
The hacker added that they encrypted CD Projekt Red's servers, but the studio confirmed that its backups remained intact, and that it has "already secured [its] IT infrastructure and begun restoring the data."
The perpetrator of the attack gave CD Projekt Red 48 hours to contact them, but the studio confirmed that it will "not give in to the demands nor negotiate with the actor, being aware that this may eventually lead to the release of the compromised data."
The company added that it's taking the "necessary steps to mitigate the consequences" should the data be leaked.
The personal data of CDP players has not been compromised, but the studio is still investigating the attack and has already got in contact with the authorities.
Late last year, Ubisoft was the victim of a similar ransomware attack, with a group claiming to have leaked the source code for Watch Dogs Legion. Koei Tecmo and Capcom were also targeted by cyber attacks recently.