The established threat group ShinyHunters claims responsibility for breaching Rockstar Games' cloud infrastructure, demanding a ransom by April 14th or threatening a major data dump. While the initial noise pointed toward a direct compromise of Snowflake servers, the actual entry vector appears much more subtle. The group asserts they exploited a vulnerability within Anodot.com.

Rockstar Games confirmed a data breach occurred, though a spokesperson downplayed the impact, stating only a limited amount of non-material company information was accessed. This attack vector is technically interesting because Anodot, a cloud cost monitoring service, provided the gateway, suggesting compromised credentials or weak session handling rather than a direct attack on the core data warehouse provider.

Though player passwords are believed safe, the stolen assets likely include sensitive corporate materials such as internal contracts and marketing blueprints, posing a serious reputational risk. ShinyHunters has a history targeting major firms like Microsoft and Cisco, often following through on their threats to sell or release compromised data sets.

The incident echoes the notorious 2022 leak involving early GTA 6 footage, though the method here relied on supply chain access rather than an insider threat through Slack. Rockstar must now manage the fallout from exposure via a third-party analytics vendor.