Rockstar Games Hit by Second Breach in Three Years

ShinyHunters Claims Responsibility for Latest Attack

The breach was reported by cybersecurity news outlets on Saturday after ShinyHunters publicly claimed responsibility. According to posts viewed by media outlets, the criminals gained access to Rockstar’s infrastructure through a third-party cloud provider and demanded payment under threat of releasing confidential data online.

ShinyHunters is a prolific group of English-speaking cybercriminals, thought to be in their teens, who specialize in data theft and extortion. The group previously claimed involvement in a major breach targeting Ticketmaster, the gig ticket operator, and has repeatedly broken into cloud storage systems used by major corporations over the last two years.

Rockstar Downplays Impact of Security Incident

Despite the hackers’ claims, Rockstar Games has minimized the severity of the breach. A company spokesperson told the BBC: this incident has no impact on our organisation or our players. The studio confirmed that a limited amount of non-material company information was accessed in connection with a third-party data breach.

However, ShinyHunters stated they would publish the stolen data online as their ransom demands went unmet. Law enforcement agencies worldwide advise against paying cybercriminal ransoms, as doing so fuels the extortion industry and provides no guarantee that hackers will actually delete stolen information.

Pattern of Attacks on Gaming Giant Continues

This incident marks the second time in three years that Rockstar Games has fallen victim to a significant cyberattack. In 2023, an 18-year-old British hacker named Arion Kurtaj was given an indefinite hospital order after infiltrating the company and stealing source code and video clips of the unfinished Grand Theft Auto 6 game.

That breach proved damaging: 90 video clips of incomplete gameplay for Rockstar’s highly anticipated new title were published in online forums. The leak forced Rockstar to release the GTA 6 trailer ahead of schedule to control the narrative. Kurtaj was part of Lapsus$, a gang of teen hackers responsible for compromising multiple large corporations throughout 2022 and 2023.

Cybersecurity Vulnerabilities in Third-Party Infrastructure

Both recent breaches highlight a critical vulnerability: Rockstar’s reliance on third-party cloud providers for sensitive data storage. Attackers have exploited these external systems rather than penetrating Rockstar’s primary infrastructure directly.

This pattern underscores a broader industry challenge. Major corporations increasingly outsource cloud services to specialized providers, yet these intermediaries can become prime targets for hackers seeking high-value data without directly attacking well-defended corporate networks.

What Happens Next

ShinyHunters has indicated that stolen data will be released publicly if payment demands are not met. Rockstar has not disclosed whether it intends to negotiate or contact law enforcement. The studio’s next major release, Grand Theft Auto 6, is scheduled for November 2026, and any further leaks could potentially impact its rollout strategy.