Rockstar Games confirms data breach following theft of 80 million records

Rockstar Games has confirmed a security breach after the hacking group ShinyHunters claimed to have stolen nearly 80 million business records.

The breach, which was revealed on the group’s website this past Saturday, allegedly involves 78.6 million records stored within Rockstar’s account on the Snowflake data management platform.

According to a representative for the hackers who spoke with Reuters, the group gained access by compromising credentials from Anodot, an AI-powered business analytics firm used by Rockstar.

In a statement, a Rockstar Games spokesperson acknowledged that a "limited amount of non-material company information" was accessed.

The company maintained that the incident had "no material impact" on its organisational efficacy or the experience of its players.

Snowflake also clarified that its own platform was not directly compromised; rather, the vulnerability originated within Anodot's environment.

Upon detecting the intrusion, Snowflake proactively disabled all user accounts associated with Anodot to halt further unauthorised connections.

The stolen data reportedly contains sensitive internal metrics, including in-game revenue, purchase data, and detailed player behaviour tracking for Grand Theft Auto Online and Red Dead Online.

This incident is part of a broader campaign targeting Snowflake customers throughout 2024, with more than 160 organisations—including Ticketmaster, Santander Group, and Advance Auto Parts—falling victim to similar extortion attempts.

While Rockstar downplays the severity, the volume of records highlights the persistent risks associated with third-party digital supply chains and the ongoing activity of high-profile cybercrime groups.