Rockstar Games is facing a new cybersecurity scare after a hacking group claimed it stole nearly 80 million business records tied to the company, including data allegedly pulled from Rockstar’s Snowflake account.
Hackers say the records came through Snowflake and Anodot
According to Reuters, a representative of the hacking group said in an online chat that it possesses 78.6 million records from Rockstar’s account with Snowflake, the cloud data management company.
Rockstar’s Snowflake data was accessed through a compromise involving Anodot, an AI-powered business analytics platform.
The News International described the same chain, saying the attackers claimed Rockstar’s Snowflake data was reached through compromised Anodot-linked data or credentials.
That matters because it shifts the focus away from a direct compromise of Rockstar’s own internal systems.
Snowflake spokesperson shared that the incident was not a compromise of Snowflake’s platform or environment, but rather a result of a compromise of Anodot. Snowflake added that after detecting unusual activity, it proactively disabled all user accounts referencing Anodot from connecting to Snowflake.
Rockstar says the breach was limited and not material
Rockstar’s public response was much narrower than the hackers’ claims.
Rockstar Games spokesperson said by email that the company can confirm that a limited amount of non-material company information was accessed in connection with a third-party data breach.
The spokesperson added that the incident has no impact on our organization or our players.
Rockstar’s parent company, Take-Two Interactive Software, did not immediately respond to Reuters’ request for comment. A representative for Israel-based Anodot could not be reached outside normal business hours.
What may be inside the stolen material
Reuters said it could not immediately verify the stolen data. The cache includes in-game revenue and purchase metrics, player behavior tracking, and game economy data tied to Grand Theft Auto Online and Red Dead Online. The leaked information appears to involve commercially sensitive performance and player-behavior records rather than ordinary consumer login data.
If confirmed, that would make the incident significant not because of direct player-account exposure, but because of the kind of internal business intelligence the data may contain.
Metrics on purchasing behavior, in-game economies, and player patterns are the sort of information publishers usually guard closely because they shape live-service strategy, monetization, and game-balancing decisions.
The underlying records had not yet been independently verified.
Part of a wider Snowflake-linked cyber pattern
More than 160 Snowflake customers were targeted in data theft and extortion attempts over several months in 2024, including Ticketmaster, Santander Group, and Advance Auto Parts. That makes the Rockstar case look less like an isolated one-off and more like another ripple from a larger pattern of attacks tied to cloud-connected enterprise data.
For now, the key uncertainty is whether the hackers’ claims about scale match the actual value and sensitivity of what was taken. Rockstar is calling the breach limited and non-material. ShinyHunters is calling it a haul of almost 80 million records.
Until independent verification emerges, the incident sits in the uncomfortable space between confirmed third-party exposure and still-unproven claims about what the attackers really have.
