Rockstar Games confirms third-party breach hit firm knowledge • The Register

ShinyHunters is again, this time pinning Rockstar Games to its leak web site and claiming it did not a lot hack its method in as stroll by a door another person left broad open.

The crew’s publish, seen by The Register, is about as refined as a brick by a window: “Rockstar Games. Your Snowflake instances metrics data was compromised thanks to Anodot.com. Pay or leak. This is a final warning to reach out by 14 Apr 2026 before we leak along with several annoying (digital) problems that’ll come your way. Make the right decision, don’t be the next headline.”

Grand Theft Auto developer Rockstar did not reply to The Register‘s questions, however issued a brief assertion to Kotaku confirming that “a limited amount of non-material company information” was accessed through a third-party breach, including that there is not any impression on gamers or operations.

The firm did not say what sort of knowledge was compromised, who was accountable for the assault, or whether or not a ransom demand was made. ShinyHunters can be holding quiet about how a lot knowledge it is sitting on and what precisely it managed to elevate.

However, if the group’s claims are to be believed, the way in which in wasn’t through Snowflake itself, however by Anodot, a cloud cost-monitoring device related to Rockstar’s knowledge warehouse. The declare is that authentication tokens had been lifted and reused, permitting intruders to masquerade as a reliable inner service.

If the claims are legitimate, which means there would have been no intelligent exploit chain – simply legitimate credentials getting used as supposed, solely by somebody who should not have them. If that is how this performed out, it will have regarded like enterprise as ordinary – simply background noise that safety groups are skilled to disregard.

ShinyHunters, in the meantime, is not new to this sport. The group has constructed a popularity on going after APIs, id methods, and SaaS integrations relatively than battering away at hardened perimeters. The miscreants have been linked to a wider run of breaches abusing SaaS integrations and stolen tokens, with victims together with Cisco and Telus, pointing to a broader trawl by shared entry relatively than a one-off hit.

While Rockstar is much from the group’s solely claimed sufferer, this is not the corporate’s first run-in with undesirable visitors both. Back in 2022, the corporate was blindsided by a breach that dumped early GTA VI footage everywhere in the web after a young person was accused of speaking his method into its Slack. The attacker, an 18-year-old from Oxford, was later handed an indefinite hospital order and can solely be launched if medical doctors resolve he is now not a danger. ®