Rockstar hit by ransom claim

Rockstar Games says a new data breach exposed only “non-material” company information, even as hackers threatened to leak stolen files by April 14. (ign.com) The studio told IGN and other outlets that the data was accessed through a third-party breach and said the incident has “no impact on our organization or our players.” Video Games Chronicle and Polygon reported the same statement on April 11 and April 12. (ign.com) (videogameschronicle.com) (polygon.com) Forbes, PCGamesN and Windows Report said the group ShinyHunters claimed responsibility on a dark-web leak site and set an April 14, 2026 deadline for payment. Those reports said the post threatened to publish or sell the data if Rockstar refused. (forbes.com) (pcgamesn.com) (windowsreport.com) A third-party breach means the break-in happened through an outside service used by Rockstar, not necessarily through Rockstar’s own core systems. IGN and Video Games Chronicle both reported that Rockstar described the accessed data as limited and non-material, but the company did not publicly list the files involved. (ign.com) (videogameschronicle.com) Several outlets tied the claim to Snowflake, a cloud data warehouse that companies use to store and analyze large datasets. Google-owned Mandiant said in 2024 that a financially motivated group it tracks as UNC5537 targeted Snowflake customer instances for data theft and extortion. (pcgamer.com) (cloud.google.com) Mandiant said the 2024 campaign hit Snowflake customer accounts with stolen credentials, and Snowflake said at the time there was no evidence its own platform had been breached. That distinction matters in cases like Rockstar’s, because attackers can reach customer data through weak or stolen logins connected to outside tools. (cloud.google.com) Rockstar is still living with the fallout from its last major hack. In September 2022, a teenager linked to the Lapsus$ group leaked early Grand Theft Auto VI footage, and the case ended with an indefinite hospital order in the United Kingdom in December 2023 after a judge found he remained a high risk. (bbc.com) (rockstargames.com) This time, Rockstar’s public line is narrower: limited company information was accessed, players are unaffected, and the company has not confirmed the hackers’ broader claims. By April 12, the story had become a familiar standoff — a verified breach, an unverified threat of a bigger leak, and a short ransom clock. (ign.com) (forbes.com)