Rockstar Games Faces Ransom Deadline After Data Breach by ShinyHunters

Severity: Medium (Score: 51.9)

Sources: Theverge, thecybersecguru.com, Rockpapershotgun, Notebookcheck, www.tomshardware.com

Summary

On April 11, 2026, Rockstar Games confirmed a data breach involving the hacker group ShinyHunters, which accessed company data through a third-party cloud service, Anodot. The attackers exploited vulnerabilities in Anodot to obtain authentication tokens, allowing them to access Rockstar's Snowflake data warehouse. ShinyHunters has demanded a ransom by April 14, threatening to leak sensitive internal documents if their demands are not met. Rockstar has stated that only a limited amount of non-material company information was accessed, emphasizing that player data and the development of Grand Theft Auto 6 remain unaffected. The breach highlights the risks associated with third-party services used by large corporations. Investigations are ongoing to assess the full extent of the breach and its implications for Rockstar's operations. Key Points: • ShinyHunters accessed Rockstar's data via a third-party service, Anodot. • Rockstar claims only non-material information was compromised, with no impact on players. • A ransom demand has been set for April 14, 2026, threatening data leaks if unmet.

Key Entities

• ShinyHunters (apt_group)
• Data Breach (attack_type)
• Supply Chain Attack (attack_type)
• Amtrak (company)
• Anodot (company)
• AT&T (company)
• Carguru (company)
• Cisco (company)
• anodot.com (domain)
• Telecommunications (industry)
• T1078 - Valid Accounts (mitre_attack)
• T1195 - Supply Chain Compromise (mitre_attack)
• T1199 - Trusted Relationship (mitre_attack)
• T1567 - Exfiltration Over Web Service (mitre_attack)
• Kinesis (platform)
• S3 (platform)
• Slack (platform)