However, the note itself is the source of some doubt, as many have expressed via Twitter. It uses dated and somewhat cliched "hacker" language, referring to the incident as CDPR having been "epically pwned." It also refers to the company having backups of its sensitive information and employs an odd inflection.

"We have encrypted all of your servers, but we understand that you can most likely recover from backups," the note stated. It also threatens to send information to the group's "contacts in gaming journalism," which begs the question: is this some sort of ethical hacking group? What’s the true aim here other than to “expose” CDPR?

The Notepad file wraps up its strange demands by telling CDPR the company has 48 hours to contact the hackers. CDPR stated it does not believe any sensitive user data has been compromised at this point. The studio also has taken measures to secure its IT infrastructure while restoring integral data from the very backups mentioned in the ransom note. Additionally, the "relevant authorities," as well as IT forensic specialists, have been briefed on the situation, CDPR claimed.

On Tuesday afternoon, CDPR issued an update to former employees, saying, "As of this moment, we don't possess evidence that any of your personal data was accessed. However, we still recommend caution (i.e. enabling fraud alerts)."

When reached for further comment, CD Projekt Red declined to offer additional details. A request for comment from the Warsaw Police Department was not immediately returned.

Photo courtesy of CD Projekt Red