Cloud Imperium Games (CIG), the publisher behind the long-running space simulation project Star Citizen, has disclosed that it suffered a “systematic and sophisticated” cyberattack that led to unauthorized access to limited user data stored in backup systems.
The company says the intrusion was quickly contained and does not pose a risk to users’ financial information or game services.
CIG revealed that the incident occurred on January 21, 2026, when attackers gained unauthorized, read-only access to certain backup systems. According to the statement, the exposed data was limited to basic account information, including:
- Full names
- Account metadata
- Contact details
- Usernames
- Dates of birth
CIG emphasized that no financial or payment information was stored in the affected systems and that passwords were not accessed. The company also stated that no data injection or modification took place.
Cloud Imperium Games is the developer and publisher of Star Citizen and Squadron 42, crowdfunded space simulation titles that have raised hundreds of millions of dollars since development began in 2012. The company operates a global infrastructure supporting millions of player accounts, in-game purchases, and community services.
CIG described the attack as “systematic and sophisticated,” though it has not provided technical details about the initial access vector, the duration of the intrusion, or whether a third-party service provider was involved. The company says it acted quickly to contain the activity, block further access, and refresh security settings across its systems to ensure there is no ongoing threat to its games or users.
CIG stated that the access was read-only, meaning attackers were unable to alter records or inject malicious data into user accounts or backend systems. However, exposure of personally identifiable information (PII), such as names, email addresses, and dates of birth, could still increase the likelihood of targeted phishing attacks or credential-stuffing attempts using data from other breaches.
At the time of writing, no ransomware groups have claimed responsibility for the attack, and there have been no posts advertising the sale of Star Citizen data on known cybercrime forums. CIG also stated that it is actively monitoring for signs that the accessed data is being publicly released and that, so far, there are no indications of such activity.
The company maintains that the incident does not pose a safety risk to users and does not anticipate any impact on gameplay or services.
Star Citizen players are advised to remain cautious, be alert for phishing emails referencing Star Citizen accounts, avoid clicking unsolicited links, and ensure that unique passwords and multi-factor authentication (MFA) are enabled wherever available.
CIG encourages users who notice anything unusual regarding their accounts to contact its support team directly.
If you liked this article, be sure to follow us on X/Twitter and also LinkedIn for more exclusive content.
