Rockstar confirms Snowflake data breach

Rockstar Games has confirmed a data breach tied to a third-party Snowflake account, and the company says Grand Theft Auto VI’s release timing has not changed. (rockstargames.com) Rockstar’s confirmation follows posts circulating on X that attributed the intrusion to the hacking group ShinyHunters and said the attackers were threatening to publish internal material unless a ransom was paid by April 14, 2026. Those posts said the stolen files included Grand Theft Auto VI marketing calendars, budgets, contracts and player data. (x.com / x.com) Snowflake is a cloud data warehouse, which means companies use it to store and analyze large pools of data in one place. In June 2024, Mandiant said a financially motivated group it tracks as UNC5537 had been breaking into Snowflake customer accounts with stolen credentials and then extorting victims. (cloud.google.com) Snowflake said at the time that it did not believe the campaign came from a flaw in Snowflake’s own platform. The company said the attacks were using customer credentials exposed through other cyber incidents, not a breach of Snowflake’s internal environment. (community.snowflake.com) That detail matters because it points to the weak spot in these cases: identity, not software code. Mandiant said the 2024 Snowflake intrusions it investigated were traced to compromised customer credentials, and one victim account it examined did not have multi-factor authentication enabled at the time of compromise. (cloud.google.com) ShinyHunters has kept using that playbook in 2026, according to Google’s threat intelligence team. In January, Mandiant said ShinyHunters-linked crews were using voice phishing, fake company login pages and stolen single sign-on codes to get into cloud software accounts and steal data for extortion. (cloud.google.com / cloud.google.com) Rockstar’s statement narrows the immediate business impact: the company says the breach does not affect the product release schedule. Rockstar’s public site still lists Grand Theft Auto VI as an upcoming title, and Take-Two Interactive’s investor materials continue to center Rockstar in its fiscal 2026 and 2027 plans. (rockstargames.com / take2games.com) The open question is what, if anything, gets published after April 14. For now, Rockstar has acknowledged the breach, the attackers are claiming to hold sensitive files, and the company is drawing a line between stolen data and the game’s release timetable. (rockstargames.com / x.com)