Rockstar Games has confirmed a new security breach involving unauthorized access to internal data, attributed to a vulnerability linked to a third-party service. The company, known for the Grand Theft Auto franchise, stated that the impact of this breach is limited.
The hacking group ShinyHunters claimed responsibility for the attack, asserting it has obtained confidential company data and is extorting Rockstar. ShinyHunters has issued a deadline, threatening to leak the data if its demands are not met.
In a statement to Kotaku, a Rockstar spokesperson said, “We can confirm that a limited amount of non-material company information was accessed in connection with a third-party data breach. This incident has no impact on our organization or our players.” The spokesperson emphasized that no sensitive player data was compromised, nor were operations related to titles like GTA 5 affected.
ShinyHunters alleges it infiltrated the company’s cloud infrastructure, claiming to possess a large volume of internal data. The group declared a demand for payment, warning Rockstar of impending data leaks before April 14, 2026. “Rockstar Games, your Snowflake instances were compromised thanks to Anodot.com. Pay or leak. This is a final warning to reach out by 14 Apr 2026 before we leak, along with several annoying (digital) problems that’ll come your way,” the group stated.
The breach appears to stem from a vulnerability in Anodot, a cloud cost monitoring service integrated with Rockstar’s systems, rather than a direct breach of Snowflake, the cloud data platform. This method of intrusion may have obscured detection, allowing ShinyHunters to collect significant corporate data.
Although the precise contents of the stolen data remain undisclosed, early evaluations suggest it includes internal corporate materials, such as contracts, financial records, and marketing strategies. Such information is critical to Rockstar, especially with anticipation surrounding future Grand Theft Auto releases.
ShinyHunters has previously targeted large corporations like Microsoft, Ticketmaster, Cisco, AT&T, and Wattpad, often either demanding ransom or selling stolen data on underground markets.
