Cloud Imperium faces backlash over delayed data breach disclosure

March 3, 2026

(Adobe Stock)

Gamers are expressing frustration with Cloud Imperium Games (CIG) following a delayed and understated announcement of a data breach. The company revealed that its systems were targeted on January 21st, resulting in unauthorized access to some backup systems and limited personal user data, based on information published by The Register.

The breach, described as a "systematic and sophisticated attack," led to unauthorized access to basic account details including contact information, usernames, dates of birth, and names. CIG claims no financial or payment information was compromised, and passwords were not impacted, stating the access was read-only and no data was modified. However, critics argue that this compromised data is sufficient for crafting phishing campaigns and can be combined with other stolen information to build detailed user profiles.

The company initially notified users via a subtle website popup, drawing criticism for its lack of transparency and a front-page announcement or direct email communication.

Source: The Register

SC Staff

Oracle Corporation location. Oracle offers technology and cloud based solutions II

Data Security

ShinyHunters gang targets Oracle PeopleSoft servers in data theft attacks

SC StaffJune 10, 2026

The ShinyHunters gang is exploiting a combination of old and zero-day vulnerabilities, referred to as a "gadget chain," to target both cloud and on-premises Oracle PeopleSoft instances.