
Rockstar’s GTA Game Hacked – Attackers published 78.6 Million Records Online

Rockstar Games has confirmed a data breach after the notorious hacking group ShinyHunters exploited a third-party integration to access the company’s internal Snowflake data warehouse, ultimately leaking over 78.6 million records on April 14, 2026.

The breach did not stem from a direct attack on Rockstar’s infrastructure. Instead, ShinyHunters leveraged Anodot, an AI-powered cloud cost monitoring and analytics SaaS platform that Rockstar uses to manage its digital infrastructure.

Attackers reportedly extracted authentication tokens from Anodot’s systems, allowing them to impersonate a legitimate internal service and silently traverse into Rockstar’s connected Snowflake data warehouse.

Notably, no vulnerability in Snowflake itself was exploited; the tokens provided trusted, seemingly legitimate access that initially evaded detection.

Rockstar’s GTA Game Hacked

Anodot had itself flagged connectivity issues as early as April 4, noting that its data collectors were offline across regions, including Snowflake, Amazon S3, and Amazon Kinesis.

The timeline suggests the compromise was already underway before Rockstar was made aware. ShinyHunters is known for precisely this type of supply-chain pivot targeting identity systems, API keys, and third-party integrations rather than relying on traditional exploits.

On April 11, 2026, ShinyHunters posted a warning on their dark web leak site: “Rockstar Games! Your Snowflake instances were compromised thanks to Anodot.com. Pay or leak. This is a final warning to reach out by 14 Apr 2026 before we leak along with several annoying (digital) problems that’ll come your way.”

When Rockstar declined to negotiate, consistent with global law enforcement guidance against paying ransoms, the group confirmed to the BBC that it would release the stolen data.

The leaked archive contains 78.6 million records described as a multi-domain analytics dataset used for GTA Online (GTAO) and Red Dead Online (RDO).

According to data from the leak, GTA Online generated approximately $500 million annually, driven by roughly $7.3 million in weekly Shark Card sales and $2.3 million in GTA+ subscription revenue. Platform-level breakdowns reveal PS5 as the top revenue driver with $4.49 million in weekly bookings and 3.47 million weekly active users, followed by Xbox Series X at $1.87 million weekly.

Player activity metrics show GTAO averaging 9.9 million weekly active users and peaking at 15.4 million, while RDO averaged 969,848 weekly active users. Crucially, no player passwords, payment details, personally identifiable information, source code, or GTA 6 development assets were part of the leak.

In a statement issued to multiple outlets, including Kotaku and IGN, a Rockstar Games spokesperson confirmed: “We can confirm that a limited amount of non-material company information was accessed in connection with a third-party data breach. This incident has no impact on our organization or our players.”

This incident reinforces a persistent and escalating threat pattern: supply-chain attacks via trusted SaaS integrations. ShinyHunters has previously breached Ticketmaster, AT&T, Microsoft, and Cisco using similar vectors.

The Anodot-to-Snowflake pivot underscores that even organizations with hardened internal environments remain exposed through third-party connectors that hold privileged access credentials.

Security teams are advised to audit all SaaS integrations for least-privilege access, rotate authentication tokens regularly, and monitor for anomalous Snowflake query behavior as early indicators of lateral movement through third-party tooling.
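The monitoring advice above can be sketched as a baseline check on what an integration's service account normally does in the warehouse. This is an added example, not part of the original article or any vendor's code; the account name, record fields, table names and IP addresses are constructed assumptions, not a Snowflake schema.

```python
from collections import defaultdict
from statistics import mean

# Constructed query-log records for a hypothetical integration account.
# Field names (user, ip, table, rows) are assumptions for this sketch.
HISTORY = [  # baseline window: normal behaviour of the cost-monitoring connector
    {"user": "SVC_COSTMON", "ip": "203.0.113.10", "table": "BILLING.USAGE_DAILY", "rows": 12_000},
    {"user": "SVC_COSTMON", "ip": "203.0.113.10", "table": "BILLING.USAGE_DAILY", "rows": 11_000},
    {"user": "SVC_COSTMON", "ip": "203.0.113.11", "table": "BILLING.WAREHOUSE_METERING", "rows": 13_000},
]
RECENT = [  # window under review
    {"user": "SVC_COSTMON", "ip": "203.0.113.10", "table": "BILLING.USAGE_DAILY", "rows": 12_500},
    {"user": "SVC_COSTMON", "ip": "198.51.100.77", "table": "ANALYTICS.WEEKLY_BOOKINGS", "rows": 5_000_000},
    {"user": "SVC_UNKNOWN", "ip": "198.51.100.77", "table": "BILLING.USAGE_DAILY", "rows": 100},
]

def build_baseline(records):
    """Per account: source IPs seen, tables read, and rows returned per query."""
    base = defaultdict(lambda: {"ips": set(), "tables": set(), "rows": []})
    for r in records:
        entry = base[r["user"]]
        entry["ips"].add(r["ip"])
        entry["tables"].add(r["table"])
        entry["rows"].append(r["rows"])
    return dict(base)

def detect(records, baseline, volume_factor=10):
    """Return (user, reason, detail) alerts for activity outside the baseline."""
    alerts = []
    for r in records:
        known = baseline.get(r["user"])
        if known is None:
            # An account with no history is itself worth a look.
            alerts.append((r["user"], "no-baseline", r["table"]))
            continue
        if r["ip"] not in known["ips"]:
            alerts.append((r["user"], "new-source-ip", r["ip"]))
        if r["table"] not in known["tables"]:
            # Also a least-privilege finding: the token could read this table at all.
            alerts.append((r["user"], "new-table", r["table"]))
        if r["rows"] > volume_factor * mean(known["rows"]):
            alerts.append((r["user"], "bulk-read", r["rows"]))
    return alerts

if __name__ == "__main__":
    for alert in detect(RECENT, build_baseline(HISTORY)):
        print(alert)
```

A `new-table` alert doubles as an audit result: if the connector's role can read data it has never needed, the grant is broader than the integration requires.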

Updated: April 14, 2026 — ShinyHunters has now published the dataset following Rockstar’s refusal to pay the ransom demand.


The post Rockstar’s GTA Game Hacked – Attackers published 78.6 Million Records Online appeared first on Cyber Security News.
