ShinyHunters claim the hack of Rockstar Games breach and started leaking data
Leak of 8.1GB data tied to Rockstar Games includes anti-cheat code, game data, analytics and more, reportedly exposed by ShinyHunters.
An 8.1GB data leak reportedly linked to Rockstar Games has surfaced, with files shared by ShinyHunters after being obtained via Anodot. The dataset includes anti-cheat source code, player analytics, game assets, Zendesk support tickets and financial information.
— International Cyber Digest (@IntCyberDigest) April 13, 2026
BREAKING: Rockstar Games breach data obtained through Anodot has been leaked by ShinyHunters.
The files total 8.1GB and contain anti-cheat source code, player analytics, game data, Zendesk ticket feeds, financial data and more.
A thread analyzing what has been leaked…pic.twitter.com/qi8cOXJOnL
Rockstar Games, one of the major companies in the video game industry, known for popular titles like Grand Theft Auto.
The cybercrime group claims they managed to access Rockstar-related systems hosted through a third-party cloud provider. The group alleges that sensitive internal data was exfiltrated and threatened to publish it.
The group attempted to pressure the company with public posts suggesting that failure to comply would result in both data leaks and further “digital disruption.”
Rockstar Games, however, has publicly minimized the impact of the incident. In its statement, the company indicated that only a limited amount of non-sensitive corporate information was accessed and emphasized that neither its operations nor its player community were affected.
“We can confirm that a limited amount of non-material company information was accessed in connection with a third-party data breach,” a Rockstar Games spokesperson told BBC.
The firm’s response suggests that, at least from its perspective, the breach did not compromise core systems or player-facing services.
Security researchers note that groups like ShinyHunters have increasingly focused on exploiting third-party cloud environments rather than directly attacking corporate infrastructure. This approach allows attackers to bypass stronger internal defenses by targeting external service providers with weaker security postures or misconfigurations.
The incident marks the second major security event involving the company in just a few years, highlighting how high-profile gaming studios remain attractive targets for data theft and extortion schemes.
In a previous incident in 2022–2023, a hacker affiliated with the Lapsus$ collective gained access to internal systems and leaked early development footage of Grand Theft Auto VI. That breach resulted in significant operational disruption and forced the company to adjust its communication strategy around one of its most secretive projects.
The financial and reputational implications of such incidents are substantial. Beyond direct recovery costs, companies often face delays in development, increased security investments, and intensified scrutiny from both regulators and the public. In the case of Rockstar, the stakes are even higher due to the secrecy surrounding upcoming releases and the enormous expectations tied to its flagship titles.
As investigations continue, the Rockstar breach serves as another reminder of the evolving threat landscape facing major digital entertainment companies. In an era where cloud infrastructure, third-party vendors, and remote access systems are deeply integrated into business operations, securing the full supply chain has become as critical as protecting internal networks.
ShinyHunters is a well-known name in the cybercriminal ecosystem. The group is associated with a broader loosely connected network often referred to as “the Com,” made up largely of young, English-speaking individuals. Their operations typically focus on stealing data from large organizations and using leak sites to pressure victims into paying ransoms in cryptocurrency.
ShinyHunters has recently targeted major companies and organizations, leaking data when ransom demands fail. Victims include the European Commission, Odido, Figure, Canada Goose, and SoundCloud. The group primarily uses social engineering, especially voice phishing, to steal credentials and access SaaS platforms like Salesforce, Okta, and Microsoft 365.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Rockstar Games)
目录
最新
- ShinyHunters hack 7-Eleven: franchisee data and Salesforce records exposed
- Public Amazon bucket leaks sensitive guest data from Japanese hotel platform Tabiq
- Chaotic Eclipse discloses MiniPlasma zero-day, suggesting a missing or undone 2020 Windows security fix
- Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945
- SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 97
- Security Affairs newsletter Round 577 by Pierluigi Paganini – INTERNATIONAL EDITION
- Attackers exploit Funnel Builder bug to inject e-skimmers into e-stores
- Pwn2Own Berlin 2026, Day Three: DEVCORE Crowned Master of Pwn, $1.298 Million Total