Rockstar Games Confirms Data Breach by ShinyHunters, Ransom Deadline Set for April 14

Rockstar Games has confirmed a data breach carried out by the hacking group ShinyHunters, which has set a ransom deadline of April 14, 2026, threatening to release stolen corporate data if unpaid, according to Mashable and The Verge. The group claims to have obtained nearly 80 million business records, including revenue figures, purchase metrics, and player behavior data tied to Rockstar’s major titles such as Grand Theft Auto, as reported by Rappler.

The breach occurred through vulnerabilities in Rockstar’s third-party cloud service providers Snowflake and Anodot, with ShinyHunters allegedly exploiting an open access point rather than a direct hack on Rockstar’s own systems, detailed by The Register and Expansion MX. This incident marks at least the second cyberattack on Rockstar in the last two years, highlighting persistent security challenges stemming from third-party integrations.

Despite the volume and sensitivity of the data reportedly stolen, Rockstar Games and its parent company Take-Two Interactive have maintained that the breach has no material impact on the company’s operations or its players, per statements cited by The Verge and Mashable. They have declined to provide detailed information about the specific records compromised, while denying any ongoing exposure to customers or game security.

The hacker group’s ransom demand underscores the growing risks to the gaming industry from ransomware attacks targeting large software developers through external vendors. As detailed by Tom’s Hardware and Engadget, cybersecurity experts warn that reliance on third-party cloud platforms can create significant vulnerabilities, requiring more rigorous security protocols.

Industry watchers will be monitoring whether Rockstar pays the ransom or if the data will be publicly leaked after the April 14 deadline, potentially exposing sensitive corporate information and impacting forthcoming game releases like Grand Theft Auto VI. The episode serves as a test case for crisis response as digital asset security increasingly depends on multi-vendor ecosystems.