ShinyHunters claims they lifted player data, revenue metrics, and game economy info for GTA Online and Red Dead Online through a third-party breach. Rockstar says it’s “non-material.”
A hacking group just pulled off a real-life Grand Theft Auto heist, and the victim is Rockstar Games itself.
ShinyHunters, a hacking group with a history of compromising major corporations, claims it has stolen 78.6 million business records from Rockstar Games, the developer behind Grand Theft Auto and Red Dead Redemption.
The claim was posted Saturday, April 12, according to cybercrime research platform eCrime.ch. A ShinyHunters representative told Reuters the stolen data came from Rockstar’s account with Snowflake, a corporate data management company.
But the company’s Snowflake data wasn’t accessed directly. The hackers compromised Anodot, an AI-powered business analytics platform that had access to Rockstar’s Snowflake account. That third-party breach gave ShinyHunters the keys.
According to Bleeping Computer, the stolen data includes in-game revenue and purchase metrics, player behaviour tracking, and game economy data for Grand Theft Auto Online and Red Dead Online.
If true, that’s massive. Revenue metrics, player behaviour patterns, and game economy data are exactly what competitors would love to see, and the gaming giant would want private.
Rockstar says it’s “non-material” (but is it?)
Rockstar’s parent company, Take-Two Interactive, hasn’t issued an official statement. But a spokesman said the company “can confirm that a limited amount of non-material company information was accessed in connection with a third-party data breach. This incident has no impact on our organization or our players.”
78.6 million records sound pretty material. In-game revenue metrics and player behaviour tracking sound pretty material. But the gaming enterprise is framing this as minor.
“Non-material” in corporate speak often means “doesn’t affect financials or operations in a way requiring investor disclosure.” Doesn’t mean the data isn’t valuable, just that it won’t move the stock price.
Days of hacking: Crypto bridge Hyperbridge hacked, $237K stolen in DOT token attack
From the company’s perspective, this wasn’t a direct breach. Anodot got compromised, and because Anodot had access to Rockstar’s Snowflake account, hackers got in through the side door.
Snowflake confirmed: “This is not a compromise of Snowflake’s platform, but rather a result of a compromise of Anodot.” After discovering unusual activity, Snowflake disabled all user accounts referencing Anodot.
ShinyHunters has done this before
ShinyHunters has a track record of hitting major corporations. More than 160 Snowflake customers were targeted in data theft attempts in 2024, including Ticketmaster, Santander Group, and Advance Auto Parts. ShinyHunters was linked to some of those breaches.
The group’s usual play: breach a company, steal data, post proof publicly, then either sell the data or extort the company for payment.
The ShinyHunters representative declined to comment on whether they demanded money from Rockstar or whether there had been interaction. That silence could mean negotiations are happening, or they plan to sell or leak the data publicly.
What this means for Rockstar and the industry
For Rockstar, the immediate damage is reputational. Getting hacked is embarrassing, especially when you create virtual worlds where players commit digital crimes. The irony isn’t lost.
But the bigger issue is what the data reveals. Revenue metrics and player behaviour tracking give competitors insight into how Rockstar monetizes GTA Online and Red Dead Online. Game economy data could expose pricing strategies, microtransaction performance, and which in-game items drive revenue.
For the broader tech industry, this is another reminder that third-party vendors are often the weakest link. Rockstar didn’t get hacked directly. Anodot did. But because Anodot had access to Rockstar’s Snowflake account, the breach rippled through.
Companies can secure their own systems, but if a vendor with data access gets compromised, security becomes irrelevant.
Rockstar says there’s no impact on players, likely meaning no personal data like credit cards or passwords were stolen. Good news for millions of GTA Online and Red Dead Online players.
But for Rockstar? This is a headache. And for the rest of the industry? Another wake-up call about third-party risk.
Leave a comment