Rockstar Games suffers massive breach as hackers steal 78.6 million records

A cybercrime group has claimed responsibility for a major data breach at Rockstar Games, the company behind Grand Theft Auto. They claim to have stolen tens of millions of records by hacking into a third-party analytics platform.

The group, identified as ShinyHunters, said it accessed approximately 78.6 million records linked to Rockstar’s corporate data environment. The claim surfaced over the weekend on a leak site commonly used by the group, raising fresh concerns about the growing vulnerability of global tech firms to supply chain-style cyberattacks.

Hackers say the data breach did not originate within Rockstar’s system. Instead, they accessed Rockstar’s data through Anodot, an AI analytics tool that Rockstar used to track business performance. The hackers claim Anodot provided access to Rockstar’s data stored on Snowflake, a popular cloud platform.

Rockstar’s parent company, Take-Two Interactive, has yet to issue a detailed response. However, a spokesperson for Rockstar confirmed that some level of unauthorised access did occur, describing it as “a limited amount of non-material company information” obtained through a third-party vulnerability. The company added that the breach has not affected its operations or player data.

Snowflake, the company whose infrastructure was used to store the data, quickly distanced itself from the incident. It clarified that its platform had not been directly compromised and instead identified Anodot as the entry point for the attackers.

In response, Snowflake proactively disabled all user accounts linked to Anodot after detecting suspicious activity.

A pattern of supply-chain attacks similar to Rockstar’s

ShinyHunters is known for breaching the systems of major organizations. They have been linked to previous attacks on large companies in banking, retail, and technology. Typically, they steal sensitive data and then attempt to extort money from the affected companies.

Early reports suggest that the stolen data could include sensitive business intelligence such as in-game revenue figures, player behaviour analytics, and internal metrics tied to Rockstar’s online titles, including Grand Theft Auto Online and Red Dead Online.

This data breach is part of a larger pattern. In 2024, over 160 companies that use Snowflake’s services were reportedly victims of organized data theft attempts. These included well-known companies in the ticketing, banking, and car industries.

These breaches often exploit weak security practices or compromised credentials linked to third-party tools, rather than problems with Snowflake’s main systems.

It is unclear whether Rockstar has been contacted for ransom or if negotiations are happening. The hackers have not commented on demands, raising the possibility of escalation through a public data leak.

The gaming enterprise claims minimal impact, but the scale of the breach and a known hacking group’s involvement suggest the incident may be more serious than initially reported.

Similar read: Call of Duty movie in the works as Paramount strikes mega deal with Activision