Rockstar Games has confirmed that a third-party data breach allowed access to a limited amount of non-material company information. The incident follows claims by hacking group ShinyHunters, which demanded a ransom by April 14 or threatened to leak data stolen from Rockstar's Snowflake instances via Anodot. Rockstar stated the breach has no impact on its organization or players.
On April 11, 2026, ShinyHunters claimed on a dark web site to have compromised Rockstar Games' Snowflake servers through Anodot, a cloud monitoring service. The group issued a ransom demand, warning: “Rockstar Games, your Snowflake instances were compromised thanks to Anodot.com. Pay or leak. This is a final warning to reach out by 14 Apr 2026 before we leak, along with several annoying (digital) problems that’ll come your way. Make the right decision, don’t be the next headline.” ShinyHunters did not crack Snowflake's encryption directly but used authentication tokens obtained via Anodot, as first reported by CybersecGuru and covered by Eurogamer and Kotaku. The hackers suggested they hold financial, marketing, and corporate data, though specifics remain unconfirmed publicly and no player passwords appear compromised. Rockstar Games responded swiftly with a statement, telling IGN and Kotaku: “We can confirm that a limited amount of non-material company information was accessed in connection with a third-party data breach. This incident has no impact on our organisation or our players.” The studio emphasized the data's non-material nature and lack of effect on staff or players. This marks the second major breach for Rockstar, following a 2022 hack by teenager Arion Kurtaj, who accessed early Grand Theft Auto 6 assets via a third-party app and Slack, leading to widespread leaks. Rockstar described that incident as a network intrusion; Kurtaj was later deemed unfit to stand trial or, per other accounts, sentenced to indefinite hospital detention.
