Rockstar Games Hit by Cyberattack and Ransom Threat
▼ Summary
– Rockstar Games confirmed a cyberattack by the group ShinyHunters, which claims to have accessed the company’s Snowflake data environment.
– The attackers used the third-party platform Anodot as an entry point, extracting tokens to access a connected Snowflake account.
– ShinyHunters posted a ransom demand on April 11, threatening to leak data unless paid by April 14.
– Rockstar stated a limited amount of non-material company information was accessed and that the incident has no impact on its operations or players.
– The specific data compromised and the ransom details were not disclosed by either Rockstar or the hacking group.
Rockstar Games, the studio responsible for blockbuster franchises like Grand Theft Auto and Red Dead Redemption, has acknowledged a significant cybersecurity breach. The incident was claimed by the notorious hacking group ShinyHunters, which asserts it infiltrated the company’s Snowflake cloud data storage environment and stole proprietary information.
According to reports, the attackers did not target Snowflake’s infrastructure directly. Instead, they gained initial access by exploiting Anodot, a third-party software-as-a-service platform Rockstar uses for cloud cost monitoring and analytics. This breach allowed the hackers to extract authentication tokens, which they then used to enter a connected Snowflake account. The group publicly announced the attack on its dark web leak site, posting a message directed at Rockstar Games. The statement, dated April 11, read, “Your Snowflake instances were compromised thanks to Anodot.com. Pay or leak,” and set a ransom payment deadline of April 14.
Prior to this announcement, Anodot had reported service disruptions. On April 4, the company noted that its data connectors for platforms including Snowflake, Amazon S3, and Amazon Kinesis were down across multiple regions. A subsequent update confirmed that while alert systems were functional again, the data collectors remained offline.
In an official statement provided to media outlets, Rockstar Games sought to downplay the severity of the breach. “We can confirm that a limited amount of non-material company information was accessed in connection with a third-party data breach,” a spokesperson said. “This incident has no impact on our organization or our players.” The company has not elaborated on the specific nature of the compromised data, identified the perpetrators, or confirmed whether a ransom demand was received. For its part, ShinyHunters has not disclosed the volume or contents of the data it allegedly obtained.
This attack on a major video game developer is part of a broader pattern of activity by ShinyHunters. The group has been linked to several other high-profile cyberattacks in recent months, targeting organizations such as the European Commission, financial services firm Aura, and cloud giant Salesforce. The incident underscores the persistent risks associated with third-party vendor security and the interconnected nature of modern digital infrastructure.
(Source: Help Net Security)
