{"id":60250,"date":"2026-03-03T06:24:19","date_gmt":"2026-03-03T06:24:19","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/gamers-furious-as-brit-studio-cloud-imperium-quietly-admits-to-data-breach\/"},"modified":"2026-03-03T06:24:19","modified_gmt":"2026-03-03T06:24:19","slug":"gamers-furious-as-brit-studio-cloud-imperium-quietly-admits-to-data-breach","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/gamers-furious-as-brit-studio-cloud-imperium-quietly-admits-to-data-breach\/","title":{"rendered":"Gamers furious as Brit studio Cloud Imperium quietly admits to data breach"},"content":{"rendered":"

Gamers are ready to unleash their mightiest virtual weapons and point them at British games studio Cloud Imperium, after it sat on news of a data breach and then announced it without fanfare.<\/p>\n

Readers have contacted The Register<\/i> to point out that the company\u2019s (CIG\u2019s) sites have, in recent hours, included a meek popup \u201cService Alert\u201d that advises \u201cWe are aware of an IT incident that impacts some of our users\u201d and offers a link to this page<\/a> that reveals the incident took place on January 21st when the company says it was \u201ctargeted by a systematic and sophisticated attack, resulting in unauthorised access to some backup systems, including limited access to users\u2019 personal data.\u201d<\/p>\n

\n

That went down like a cold bucket of sick to users<\/p>\n<\/blockquote>\n

One of the readers who contacted The Register<\/i> about the incident described the company\u2019s tactics as \u201cNotice duly published in a locked filing cabinet stuck in a disused lavatory.\u201d<\/p>\n

CIG claims it \u201cacted quickly to contain the activity and block further access to this data and CIG systems, and we have refreshed security settings to ensure that there is no threat to our games or our users.\u201d<\/p>\n

Yet the next sentence of the statement says the company does not \u201cconsider the incident poses a risk to the safety of our users\u201d because the data accessed \u201crelates only to basic account details (i.e. metadata, contact details, username, date of birth, and name). No financial or payment information was stored in the affected systems and was not accessible. No passwords were impacted, and the access was read-only. No data-injection or modification occurred.\u201d<\/p>\n