ShinyHunters Breach Rockstar Games via Third-Party Cloud Platform — 78.6 Million Records Leaked

Summary

The ShinyHunters cybercrime group has breached Rockstar Games, the studio behind Grand Theft Auto, exfiltrating approximately 78.6 million records from their Snowflake cloud environment. The attack vector wasn’t a direct assault on Rockstar or Snowflake — instead, ShinyHunters compromised Anodot, a third-party cloud analytics and cost-monitoring platform, stealing authentication tokens that granted access to Rockstar’s data stores.

After posting a ransom demand on April 11 with an April 14 deadline, and receiving no payment, ShinyHunters began leaking the stolen data. The dump primarily contains internal analytics: in-game revenue metrics, player behavior tracking, game economy data for GTA Online and Red Dead Online, daily KPI reports, cheat detection models, and Zendesk ticket metrics. Rockstar confirmed the breach but characterized it as “limited non-material company information” with “no impact on players.”

No customer personal data appears to have been exposed — this was an analytics goldmine, not a player data breach.

Commentary

This is yet another case study in third-party supply chain risk — and it’s becoming the playbook. ShinyHunters didn’t need to crack Snowflake or Rockstar’s defenses directly. They found a softer target in the analytics chain and pivoted from there. The pattern of compromising SaaS integrations to steal auth tokens and access cloud environments is now a well-established ShinyHunters signature, following similar campaigns against other organizations.

Rockstar’s framing of this as “non-material” is technically accurate — no player PII leaked — but 78.6 million records of internal business intelligence is hardly trivial. Competitors, market analysts, and anyone interested in GTA Online’s revenue mechanics now have unprecedented visibility into Rockstar’s operations. The real lesson: your security posture is only as strong as your weakest SaaS integration.
