Rockstar confirms third-party data breach

Rockstar Games says a third-party breach exposed a limited amount of company data, and says the incident did not affect players or operations. (ign.com) The hacking group ShinyHunters claimed access over the weekend and gave Rockstar until April 14, 2026, to “pay or leak,” according to reports published April 12 and April 13. (forbes.com) Rockstar said the accessed material was “non-material company information.” The company did not identify the third party, describe the files, or say whether it received a ransom demand. (theregister.com) The reported path into Rockstar’s data did not involve breaking Snowflake itself. Multiple reports said the attackers reached Rockstar’s Snowflake environment through Anodot, a cloud-cost monitoring service that connects to Snowflake with its own credentials. (theregister.com) In plain terms, Snowflake is a company’s cloud data warehouse, and a connected tool like Anodot is a dashboard that reads that warehouse to track usage and spending. If tokens from that dashboard are stolen, attackers can appear to be an approved internal service instead of an outside intruder. (ign.com) (anodot.com) That kind of access route has become a recurring problem in recent cloud breaches: the weak point is often the connected software, not the main database. The Register reported that ShinyHunters has recently been linked to attacks that abused software-as-a-service integrations and stolen tokens at other large companies. (theregister.com) Rockstar’s parent company, Take-Two Interactive, is heading into a crucial year around Grand Theft Auto VI, which it has told investors is planned for fiscal 2027. A breach tied to internal metrics, contracts, or planning documents would land at a sensitive moment even if customer accounts were untouched. (take2games.com) Reports on what may have been taken remain unverified. Gadgets 360 said outside reporting had pointed to possible financial data, player-spending patterns, marketing timelines, and contracts, while Rockstar itself has only confirmed access to a limited amount of non-material information. (gadgets360.com) This is not Rockstar’s first public leak crisis. In September 2022, the company confirmed that early Grand Theft Auto VI footage had been illegally accessed and said the incident would not disrupt long-term development. (techcrunch.com) For now, Rockstar’s public line is narrow: limited company data was accessed through a third-party breach, and players were not affected. The next test is whether the April 14 deadline passes quietly or turns into another leak. (ign.com)