Rockstar Games, the studio behind the Grand Theft Auto series, has confirmed that it was the target of a cyberattack carried out by a hacker group called ShinyHunters. The group claimed to have accessed Rockstar’s cloud servers through a third party and threatened to release stolen data unless the company paid a ransom. The deadline set by the hackers was April 14, 2026. But the breach did not happen through a direct attack on Rockstar’s systems.
Instead, ShinyHunters reportedly exploited a vulnerability in Anodot, a cloud cost monitoring tool that Rockstar uses to manage its data. Through this, the hackers were able to access Rockstar’s Snowflake cloud instances. Rockstar confirmed the incident in a statement: “We can confirm that a limited amount of non-material company information was accessed in connection with a third-party data breach. This incident has no impact on our organisation or our players.”
The timing of the attack puts pressure on a company that has already invested enormously in its next release. Grand Theft Auto VI has been in development for nearly 10 years, with estimated costs close to $2 billion, reports The Guardian. The game is scheduled to launch on November 19, 2026, after being pushed back from an earlier autumn 2025 date. Any breach of company data raises concerns, given how tightly Rockstar controls information about the game.
Turns out the leak is not as bad as everyone thought
ShinyHunters released the data on April 13, a day before their own deadline, after Rockstar reportedly refused to pay. The group posted a message alongside the files: “How does it feel to be the headline?” According to people who have seen the data, it mostly contains financial metrics from GTA Online and Red Dead Online, including how much money the games bring in daily and weekly, as well as spending data broken down by country.
Reports suggest Rockstar earns over $1 million a day from GTA Online alone. There is no indication that GTA VI source code, game assets, or player account data was included in the leak. ShinyHunters is a well known hacking group that has previously targeted companies including Microsoft, Cisco, and Ticketmaster.
The group is linked to a loose network of cybercriminals known as the Com, made up mostly of English-speaking young people between the ages of 16 and 25. Aiden Sinnott, a threat researcher at cybersecurity firm Sophos, described them as very similar in profile to other groups operating under the Com umbrella.
GTA VI has already been drawing attention for other reasons too, including controversy over some of its content that has even led to threats of a government ban in certain countries. This is not the first time Rockstar has dealt with a serious security incident. In 2022, a teenager from the Lapsus$ hacking group broke into Rockstar’s internal Slack channel and posted around 90 minutes of early GTA VI footage online. That person, Arion Kurtaj, was later given an indefinite hospital order.
Rockstar said the 2022 breach cost the company $5 million and thousands of hours of staff time. GTA V and its online mode have made more than $8 billion since launching in 2013, making the franchise one of the most valuable in entertainment. With GTA VI carrying a development cost that could rival some Hollywood blockbusters, Rockstar has every reason to keep its data locked down.
Fans are also watching the game closely for what it might bring to the series, with details like how a returning gameplay mechanic could be tied to protagonist Lucia’s ankle monitor generating buzz online. This latest breach, while seemingly less damaging than feared, is another reminder of how vulnerable even the biggest companies can be when third-party tools are involved.
Published: Apr 14, 2026 01:00 pm