Back

Atlas Menu Data Breach Exposes 64,000 User Accounts

Severity: High (Score: 64.5)

Sources: haveibeenpwned.com, Technadu, Theregister

Published: 2026-06-01 · Updated: 2026-06-01

Keywords: atlas, cheat, service, menu, attacker, data, breach

Severity indicators: breach, data breach, ot

Summary

In May 2026, the Atlas cheat service for Grand Theft Auto V and Counter-Strike 2 suffered a significant data breach. An attacker claimed to have compromised all systems and published a database containing approximately 64,000 user records on GitHub. The leaked information includes unique email addresses, usernames, IP addresses, support tickets, and bcrypt-hashed passwords. The breach was confirmed by Have I Been Pwned on May 30, 2026. This incident follows a previous data leak involving Rockstar Games, indicating ongoing security issues in the gaming sector. Users of the Atlas service now face potential risks related to their leaked data, including privacy concerns and possible exploitation. The breach highlights the lack of security measures even among cheat service providers. Key Points: • Atlas cheat service experienced a data breach affecting around 64,000 user accounts. • The leaked data included sensitive information such as email addresses and hashed passwords. • The breach was confirmed by Have I Been Pwned on May 30, 2026, following the attacker's claims.

Detailed Analysis

**Impact** Approximately 64,000 unique user accounts of Atlas, a cheat service for Grand Theft Auto V and Counter-Strike 2, were compromised in May 2026. Exposed data includes email addresses, usernames, IP addresses, support tickets, purchase records, license keys, signup dates, and Rockstar Games account identifiers. The breach affects users globally who engaged with the cheat service, potentially exposing sensitive personal and operational information. The leak also includes internal records such as banned user lists and administrator logs, increasing the risk of further exploitation. **Technical Details** The attacker gained access to all Atlas systems and extracted the internal database, which was subsequently published on a public GitHub repository. Passwords were stored as bcrypt hashes, providing cryptographic protection but still vulnerable due to public exposure. No specific attack vectors, malware, CVEs, or tools used were disclosed in the articles. The breach involved network intrusion and data exfiltration stages of the kill chain. No IOCs were provided. **Recommended Response** Users of Atlas and related services should immediately change passwords and monitor accounts for suspicious activity due to the public exposure of bcrypt-hashed credentials. Security teams should monitor for unauthorized access attempts related to the leaked email addresses and associated identifiers. Organizations should review internal access controls and audit logs for unusual activity, although no specific patches or configurations were detailed. Monitoring public repositories for further data dumps related to this breach is advised.

Source articles (3)

  • Atlas Menu Data Breach Exposes Approximately 64,000 User Accounts — Technadu · 2026-06-01
    Atlas , a recognized GTA V and CS2 cheat service, suffered a data breach in May 2026. The incident compromised the system infrastructure, affecting 63,926 unique email addresses tied to the platform's…
  • According to — haveibeenpwned.com · 2026-06-01
    In May 2026, the GTA V and CS2 cheat service Atlas suffered a data breach. An attacker claimed to have gained access to all Atlas systems and published the service's database to a public GitHub reposi…
  • GTA cheat service Atlas Menu hacked as attacker alleges screenshot spying — Theregister · 2026-06-01
    A database containing 64,000 user records was published to GitHub after an attacker claimed to have compromised all Atlas systems Grand Theft Auto cheat users have discovered that even the people sell…

Timeline

  • 2026-05-01 — Atlas Menu data breach occurred: An attacker gained access to Atlas systems and extracted user data, later publishing it on GitHub.
  • 2026-05-30 — Breach confirmed by Have I Been Pwned: The compromised user data was officially added to the breach notification service, confirming the scale of the leak.
  • 2026-06-01 — Articles published detailing the breach: Both The Register and Technadu reported on the breach, highlighting the sensitive data exposed and the implications for users.

Related entities

  • Data Breach (Attack Type)
  • Atlas (Platform)
  • GitHub (Platform)
  • Rockstar Games (Company)
  • CWE-200 - Exposure of Sensitive Information (Cwe)
  • shinyhunters.in (Domain)
  • T1567 - Exfiltration Over Web Service (Mitre Attack)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed