Rockstar Games faces April 14 ransom deadline following alleged data leak

Rockstar Games hasn't publicly addressed the data breach as of writing.

Threat group ShinyHunters has listed Rockstar Games on its leak site, alleging a data breach through an Anodot-Snowflake integration. The group has set an April 14 deadline for the studio to respond to these claims.

Anubhav Sharma, Published 04/11/2026

Rockstar Games is reportedly facing another major security breach. Data breaches aren't something new for the company - in the high-profile 2022 incident, early developmental footage of Grand Theft Auto VI was leaked via a social engineering attack on the company’s internal Slack. This latest threat, if true, targets the studio's corporate data backend rather than the active game environment.

The claim originates from ShinyHunters, a threat group with a long history of targeting large-scale identity systems and API integrations. The group was previously linked to massive data thefts at Ticketmaster, AT&T, and Microsoft. Unlike the 2022 leak, which was the work of an individual, this operation appears to be part of a bigger campaign targeting companies that utilize specific cloud-based data warehousing and monitoring tools.

According to RansomLook.io and CyberSec Guru, the attackers did not compromise Rockstar’s perimeter directly. Instead, they allegedly leveraged an automated integration through Anodot, a third-party cloud-cost monitoring platform. The group claims to have gained access to Rockstar's Snowflake environment (which the company uses to store and manage, among other data, its analytical data and player telemetry) by harvesting authentication tokens from Anodot. Using this method, attackers can bypass standard multi-factor authentication by using legitimate service tokens that stay valid for extended periods. This type of supply-chain vulnerability seems to have become a primary vector for ShinyHunters throughout late 2025 and early 2026.

Rockstar is not the only big name in this coordinated wave. The group simultaneously listed victims including Amtrak and McGraw Hill, claiming to have compromised over 100 million records combined through third-party Salesforce integrations. The threat actors have established a ransom deadline of April 14. They are threatening to release the data if their demands are not met. Rockstar Games and its parent company, Take-Two Interactive, have not yet released an official statement or filed a regulatory disclosure regarding the incident.

Source(s)

RansomLook.io via CyberSec Guru

⟨

Casio G-Shock GWR-B3000: New GravityMaster watches revealed ahead of launch

Please share our article, every link counts!

Add as a preferred
source on Google

No comments for this article

Got questions or something to add to our article? Even without registering you can post in the comments!

No comments for this article / reply

Loading Comments

Comment on this article

Anubhav Sharma - Tech Writer - 1516 articles published on Notebookcheck since 2024

Most of my time goes into writing - and somehow it hasn’t stopped being fun yet. My work mainly revolves around everyday tech, gaming, watches, DIY modding, and the occasional piece on tech-policy chaos when companies and governments clash. I try to keep things simple and honest, without sounding like a product brochure. I have a Bachelor’s degree in Computer Science Engineering and an Associate Degree in English Studies from the College of New Caledonia in British Columbia, Canada. Away from articles and deadlines, life usually shifts to making music, taking photos, or trying to finish games that should have been completed months ago.

contact me via: @lottamuzic, LinkedIn

> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2026 04 > Rockstar Games faces April 14 ransom deadline following alleged data leak

Anubhav Sharma, 2026-04-11 (Update: 2026-04-11)

Source(s)

No comments for this article

Related Articles