Users of the Atlas Menu cheat service, which provides unauthorized modifications for Grand Theft Auto V and Counter-Strike 2, are reeling after a massive data breach exposed their personal information. According to reporting from www.theregister.com, an attacker successfully compromised the service's entire infrastructure in May, resulting in the public release of 64,000 unique user records.
The breach, which was confirmed by the security monitoring site Have I Been Pwned, includes a wide array of sensitive data. Exposed information consists of usernames, email addresses, IP addresses, support tickets, and passwords protected by bcrypt hashes. The attacker published the stolen database to a public GitHub repository, claiming to have seized control of "all Atlas systems."
Beyond basic account details, the leaked files reportedly contain internal records including administrator logs, license keys, and lists of users previously banned from the service. The breadth of this data goes significantly further than previous security incidents associated with the platform, according to user discussions on Reddit.
Allegations of covert screenshot spying
While the database leak poses a clear risk of identity theft and account takeovers, the incident has introduced a more invasive concern regarding the software's functionality. The attacker behind the breach has alleged that Atlas Menu was surreptitiously capturing screenshots of users' systems while the software was active.
This revelation places the service’s customer base in a particularly precarious position. Users must now contend with the dual threats of a compromised database and the potential existence of hidden surveillance features within the cheat tools they installed on their personal machines.
This security failure arrives shortly after a separate incident at Rockstar Games. In April, the extortion group ShinyHunters claimed to have accessed Rockstar’s internal data via the cloud monitoring firm Anodot. The group threatened to release the stolen information unless specific demands were met. As these incidents mount, the gaming community faces a stark reminder regarding the lack of privacy and security protections inherent in third-party modification services.
