Hacking group ShinyHunters claims to have breached GTA 6 developer Rockstar Games by accessing the studio's Snowflake instance.
As reported by The Cybersec Guru, the compromised material may include financial records, player spending, geographic data, marketing schedules, contracts with Sony, voice actors, record labels, and more. The group is currently demanding a ransom by April 14 or they will leak the files online.
There is no evidence that customer passwords or payment details were accessed, only corporate data.
“Rockstar Games, your Snowflake instance has been compromised thanks to Anodot.com. Pay or leak,” a post was posted on the dark web. “This is your final warning to get in touch by April 14, 2026 before it gets leaked with some annoying (digital) problems to come. Make the right decision. Don't become the next headline.”
Snowflake confirmed that Anodot was breached, but there was no word from Rockstar.
Snowflake confirmed to BleepingComputer earlier this week that Anodot, its AI-powered third-party integration platform, had suffered a security incident and that a small number of customers were affected. Anodot's website also confirms that “significant maintenance” is underway at the Frankfurt cluster. Through this breach, ShinyHunters appears to have bypassed Snowflake's security undetected by accessing Anodot's systems and extracting Rockstar's authentication tokens, negating the need for passwords.
Who are ShinyHunters?
ShinyHunters is not new to the hacking scene. This group has been operating since 2020 and typically targets third-party integrations, identity systems, and APIs.
Over the past six years, they have compromised Microsoft, Wattpad, AT&T, European Commission, SoundCloud, and Ticketmaster. The group also claimed in March that it had gained access to Salesforce data from more than 400 companies and disclosed data from 26 of them.
As HackRead reports, this group typically accesses large databases, extracts them, and uses them to threaten and blackmail companies, as seen with Rockstar today.
Rockstar Games and Take-Two Interactive have yet to release a statement regarding the alleged breach, but we will update this article accordingly when a statement becomes available.
