Rockstar Games confirms it was hacked by malicious group — ‘ShinyHunters’ takes credit, gives until April 14 to pay ransom or it will release confidential data

Rockstar Games confirms it was hacked by malicious group — 'ShinyHunters' takes credit, gives until April 14 to pay ransom or it will release confidential data

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works .

Rockstar Games seems to have been hacked yet again, this time by the popular group "ShinyHunters" that has also compromised other large companies before . The attack was first spotted by Cybersec Guru , who later got a quote from a Rockstar spokesperson confirming it had been breached. The group has stolen confidential data and is holding the company at ransom for it, with a payment deadline set for April 14.

"Rockstar Games, your Snowflake instances were compromised thanks to Anodot.com. Pay or leak. This is a final warning to reach out by 14 Apr 2026 before we leak, along with several annoying (digital) problems that’ll come your way. Make the right decision, don’t be the next headline.” — ShinyHunters on their website.

There is little info as to what this data includes (or the ransom amount) since most of the conversation is cordoned off to the dark web, where such sales often occur. Previously, Rockstar was hacked in 2022, where a single person was able to access internal development channels and acquire nearly 100 early gameplay videos for GTA VI, including, allegedly, the source code for both GTA VI and GTA V .

You may like The FBI is looking for victimized Steam users who downloaded games with hidden malware Xbox 360 devkit bought for $5 came with 2007 beta build of GTA IV with unreleased assets Arc Raiders was accidentally recording Discord conversations into an unencrypted local game file ShintyHunters, in contrast, is a group that operates less traditionally and often exploits API keys, user sessions, and third-party integrations to get inside more legitimately. In this instance, they were able to hijack the company's Anodot, which is an analytics and monitoring tool many businesses use to track finances. Anodot is connected to the firm's cloud infrastructure, which is "Snowflake" in Rockstar's case.

The group didn't break Snowflake's security ; they instead extracted authentication tokens from Anodot to pass as regular users and access Snowflake accounts. Once in, they easily stole the data, which likely doesn't include passwords or sensitive player info, and perhaps not even bits from active game development. Still, there will be confidential corporate data that Rockstar doesn't want to float around otherwise.

Snowflake is not just used by Rockstar. Many other companies that integrate it via Anodot have been compromised by ShinyHunters in the past few months as well. Rockstar seems to be part of a broader wave of extortion-related hacks that go beyond any ideological pursuits, such as the recent Spotify breach . In any case, if the ransom isn't paid by April 14, the malicious group will release the stolen data publicly.

Rockstar's spokesperson has told multiple outlets the hackers only took "non-material company information" and that the overall attack doesn't impact "our organization or our players.” That implies maybe the ransom doesn't need to be paid, since the data doesn't have any meaningful value and players aren't affected, or it could just be damage control.

Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.

Key considerations

Investor positioning can change fast
Volatility remains possible near catalysts
Macro rates and liquidity can dominate flows

Reference reading

More on this site

Informational only. No financial advice. Do your own research.

Key considerations

Reference reading

More on this site

Related posts:

Leave a Comment Cancel reply