Stolen Rockstar Games analytics data leaked by extortion gang
Rockstar Games has suffered a data breach linked to a recent security incident at Anodot, with the ShinyHunters extortion gang now leaking the stolen data on its data leak site.
The threat actors claim the data was taken from Snowflake environments using authentication tokens stolen during a recent Anodot security incident.
They have now published what they say is Rockstar Games data containing more than 78.6 million records.
“Your Snowflake instances metrics data was compromised thanks to Anodot.com,” reads a listing on the ShinyHunters extortion site.
Rockstar Games did not respond to multiple requests for comment about the breach from GeekFeed. However, in a statement shared with Kotaku, the company confirmed that it suffered a data breach.
“We can confirm that a limited amount of non-material company information was accessed in connection with a third-party data breach,” Rockstar told Kotaku.
“This incident has no impact on our organization or our players.”
The threat actors told GeekFeed that the leaked data primarily consists of internal analytics used to monitor Rockstar’s online services and support tickets.
This data allegedly includes in-game revenue and purchase metrics, player behavior tracking, and game economy data for Grand Theft Auto Online and Red Dead Online. The datasets also appear to contain customer support analytics for the company’s Zendesk support instance.
In a file list shown to GeekFeed, there were references to fraud detection systems and anti-cheat model testing.
The incident is part of a larger data theft campaign linked to a recent security incident at Anodot, a data anomaly detection company that integrates with a wide range of SaaS cloud platforms.
As first reported by GeekFeed, the threat actors stole authentication tokens from the service and used them to access customer data stored in connected Snowflake, S3, and Amazon Kinesis instances.
Snowflake confirmed to GeekFeed last week that it had detected unusual activity affecting a small number of customer accounts tied to a third-party integration, and responded by locking down the affected accounts and notifying customers.
The company later confirmed that the third-party integration company was Anodot.
The ShinyHunters group told GeekFeed it was behind the attacks and claimed to have stolen data from dozens of companies using the compromised tokens.
Rockstar Games previously suffered a breach in 2022 when a hacker associated with the Lapsus$ extortion group leaked Grand Theft Auto 6 gameplay videos and source code.
