The hacking group ShinyHunters is threatening to release stolen data from at least a dozen companies following a breach of business monitoring software provider Anodot, according to reports from Bleeping Computer and BBC News.
Hackers allegedly stole authentication tokens from Anodot, which allowed them to access and siphon reams of customer data from cloud storage. The breach began on April 4, when Anodot's data connectors stopped working, preventing users from accessing cloud-stored information, the company stated on its status page.
One affected cloud provider, Snowflake, disconnected Anodot customers from their data stores after detecting unusual activity, Bleeping Computer reported.
Targeted Cloud Access
ShinyHunters specializes in targeting companies that store large datasets in the cloud. The group often uses social engineering, such as impersonating IT support staff, to gain network access. In recent months, the group has targeted similar platforms including Gainsight and Salesloft to steal passwords and tokens.
Rockstar Games, the developer behind Grand Theft Auto, is among the companies reportedly affected, per gaming news outlet Kotaku.
"We can indeed confirm that a limited amount of non-material company information was accessed in connection with a third-party data breach," Rockstar spokesperson Murphy Siegel told TechCrunch. "This incident has no impact on our organization or our players."
Glassbox, the parent company of Anodot, and Snowflake did not respond to requests for comment regarding the incident.
This breach follows a 2022 incident at Rockstar Games where hackers published an early trailer for Grand Theft Auto VI. The current attack places numerous corporate clients at risk of extortion and the public release of sensitive information.
