Rockstar Games has confirmed a data breach following claims by the ShinyHunters extortion group, which says it has leaked a large dataset tied to the company.
The attackers allege they accessed the data through compromised Snowflake environments using authentication tokens stolen during a recent security incident involving Anodot.
According to the threat actors, more than 78.6 million records linked to Rockstar Games have been published on their data leak site. They claim the breach was made possible after gaining access to Snowflake systems through tokens obtained from Anodot, a company that provides data monitoring services across cloud platforms.
Rockstar Games did not respond directly to multiple requests for comment, but in a statement shared with Kotaku, the company confirmed that a breach had occurred. It said that only a limited amount of non-critical company information was accessed and emphasized that the incident has not impacted its operations or players.
The attackers told BleepingComputer that the leaked data mainly includes internal analytics used to track Rockstar’s online services and support systems. This reportedly covers in-game revenue figures, purchase metrics, player behavior data, and details related to the game economy for titles like Grand Theft Auto Online and Red Dead Online. The data may also include customer support analytics from the company’s Zendesk platform.
Files reviewed by BleepingComputer appear to reference fraud detection systems and testing related to anti-cheat models, suggesting the breach could expose internal tools and monitoring systems used by the company.
This incident is part of a broader campaign tied to the Anodot security issue. Attackers reportedly stole authentication tokens from the service and used them to access customer data stored across platforms like Snowflake, Amazon S3, and Amazon Kinesis.
Snowflake previously confirmed it detected unusual activity affecting a small number of customer accounts connected to a third-party integration. The company responded by securing those accounts and notifying affected customers, later identifying Anodot as the source of the issue.
The ShinyHunters group has claimed responsibility for the attacks and says it has accessed data from multiple companies using the stolen tokens.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
Rockstar Games has faced similar issues in the past, including a 2022 breach where a hacker linked to the Lapsus$ group leaked early Grand Theft Auto 6 footage and source code.
