ShinyHunters Claims Rockstar Games Breach via Anodot-Snowflake Integration Threat group ShinyHunters has listed Rockstar Games on its leak site, alleging a data breach through a compromised Anodot-Snowflake integration. The group has set an April 14 deadline for the studio to respond to its ransom demands. This incident follows Rockstar’s 2022 breach, where early Grand Theft Auto VI footage was leaked via a social engineering attack on its internal Slack. Unlike that incident orchestrated by an individual this latest threat appears to be part of a larger campaign targeting companies using cloud-based data warehousing and monitoring tools. ShinyHunters, known for high-profile breaches at Ticketmaster, AT&T, and Microsoft, allegedly bypassed Rockstar’s security by exploiting an automated integration with Anodot, a third-party cloud-cost monitoring platform. The group claims to have accessed Rockstar’s Snowflake environment which stores analytical data and player telemetry by harvesting authentication tokens from Anodot. This method allows attackers to bypass multi-factor authentication using long-lived service tokens, a tactic ShinyHunters has increasingly employed since late 2025. Rockstar is not the only target. The group has also listed Amtrak and McGraw Hill, claiming to have compromised over 100 million records through third-party Salesforce integrations. While Rockstar and its parent company, Take-Two Interactive, have yet to issue an official statement or regulatory disclosure, the breach if confirmed could expose sensitive corporate and player data. The April 14 deadline suggests the group may release the data if demands are unmet.