Rockstar confirms breach

Rockstar Games says hackers accessed a limited amount of company data through a third-party breach, not through Rockstar’s core systems. (ign.com) In statements reported by IGN, Polygon, and Engadget on April 11 and April 12, Rockstar said the exposed files were “non-material” and that the incident had “no impact” on the company or its players. (ign.com) (polygon.com) (engadget.com) The hacking group ShinyHunters posted a ransom threat with an April 14, 2026 deadline and warned Rockstar to “pay or leak” after claiming access to the company’s Snowflake data environment. (forbes.com) (engadget.com) Reports from The Register, TechSpot, and RH-ISAC said the alleged path in was Anodot, a cloud analytics vendor tied to customer data systems, where stolen authentication tokens could be reused like a copied keycard. (theregister.com) (techspot.com) (rhisac.org) That matters because a third-party breach is a supplier problem that can spread into customers without breaking their own front door. RH-ISAC said the wider campaign targeted Snowflake customers through Anodot and relied on token theft rather than passwords. (rhisac.org) (theregister.com) Rockstar’s wording also narrows what has been confirmed. The company confirmed access to some company information, but public reports say ShinyHunters has not shown a full inventory of what was taken or how much data it holds. (gamesindustry.biz) (theregister.com) The studio is handling this against the backdrop of its 2022 security crisis, when early Grand Theft Auto VI footage leaked online after a separate hack. Reuters reported in August 2023 that Arion Kurtaj, linked to Lapsus$, hacked Rockstar and blackmailed the company over sequel source code. (reuters.com) (polygon.com) This time, Rockstar is drawing a line between an internal compromise and a vendor-linked exposure. By April 13, 2026, the company’s public position remained that the breach was limited, third-party in origin, and not affecting players. (gamesindustry.biz) (ign.com)