The ShinyHunters cybercrime group has claimed responsibility for breaching systems linked to Rockstar Games, threatening to release stolen data if a ransom is not paid.
The group stated it accessed Rockstar’s cloud-hosted data and issued a deadline of April 14 for a company response.
Rockstar Games confirmed that some company data was accessed but downplayed the severity of the intrusion.
“We can confirm that a limited amount of non-material company information was accessed in connection with a third-party data breach,” a company spokesperson told Kotaku. “This incident has no impact on our organization or our players.”
Supply chain vulnerability
ShinyHunters claimed on its dark web site that the breach targeted Rockstar’s Snowflake cloud environment. The group alleges the intrusion occurred through Anodot, a cloud cost-monitoring and analytics platform.
Security reports suggest attackers obtained authentication tokens from Anodot to access customer Snowflake accounts without directly breaching Rockstar or Snowflake systems. Anodot uses AI-driven analytics to help companies track cloud infrastructure spending and detect anomalies.
This incident appears part of a broader supply-chain compromise involving Anodot. The group previously claimed it discovered authentication tokens that allowed access to the cloud environments of more than a dozen organizations.
ShinyHunters, a financially motivated group active since 2020, has a history of targeting major corporations. In January, the group claimed responsibility for hacking Match Group, the operator of Tinder and Hinge.
Rockstar Games, the developer of the Grand Theft Auto franchise, has faced previous high-profile attacks. In 2022, hackers leaked internal footage and development materials from an upcoming GTA title after breaching company systems.
