78M Rockstar records leaked - hackers came in through a vendor
78M Rockstar records leaked - hackers came in through a vendor
April 13, 2026. The hacking group ShinyHunters releases 78.6 million records from Rockstar Games. The attack didn’t come through the front door - it came through Anodot, a small cloud cost analytics vendor.
This is the second major leak at Rockstar Games in four years. In 2022, GTA VI source code leaked. Now - 78.6 million internal analytics records.
But this time the hackers didn’t go through the front.
Anodot → Snowflake → Rockstar
They walked through the chain of trust.
Anodot is a small SaaS company that does cloud cost analytics. You’ve probably never heard of them. Rockstar used them - like hundreds of other companies - to monitor how much they spent on Snowflake resources.
ShinyHunters first compromised the access credentials to an Anodot account. Then that credential gave them access to Snowflake - the cloud where Rockstar kept its data.
From Snowflake they pulled 25 files. 7.54 GB. Mostly GTA Online and Red Dead Online analytics: payment data, virtual currency stats, regional metrics.
Not the first time
The most important element of this attack - it’s not the first time. The same group recently hit:
- Booking.com - reservation data leaks
- Allianz Life - insurance customer data
- Pure Storage - corporate data
All by the same hackers. All through the same external SaaS vendors.
What Rockstar confirmed
Rockstar’s official statement: “We can confirm that a limited amount of non-material company information was accessed in connection with a third-party data breach.”
And critically - no player data in the leak. No GTA VI material. Take-Two (Rockstar’s parent) stock actually rose despite the breach - because investors understood it didn’t touch the product.
My take
The worst news for every CIO in 2026: your company is only as secure as your weakest vendor.
You can have the best pentesters. The best intrusion detection software. The tightest access controls. And you’ll fall through Anodot - a small company nobody in your org probably remembers.
This should be a wake-up call for anyone who cares. Time to audit every external SaaS that connects to your systems. Every single one. Including the small cost-analytics tools.
Because if you don’t, you’re next.
Sources
- The Register - “Rockstar Games gets a taste of grand theft data” (April 13, 2026)
- Tom’s Hardware - “Rockstar Games confirms it was hacked by malicious group ShinyHunters” (April 13, 2026)
- Cryptonomist - “78.6M records surface in Rockstar Games breach” (April 14, 2026)
- Help Net Security - “Rockstar Games receives ‘pay or leak’ warning” (April 13, 2026)
- HackRead - “ShinyHunters Leak Rockstar Games Data” (April 2026)
- SecurityAffairs - “ShinyHunters claim the hack of Rockstar Games breach” (April 2026)
- Engadget - “Rockstar Games confirms third-party data breach” (April 13, 2026)