ShinyHunters Claims Rockstar Games Snowflake Breach via Anodot
ShinyHunters claims Rockstar Games Snowflake breach via Anodot compromise, threatens April 14 data leak.
Summary
ShinyHunters claims to have accessed Rockstar Games' Snowflake environment through a compromised Anodot integration, extracting authentication tokens to gain unauthorized access. The group set an April 14, 2026 deadline for ransom payment before threatening to leak the stolen data. This attack follows ShinyHunters' established pattern of targeting third-party integrations and API keys rather than direct exploits, with the group having previously claimed breaches affecting 400+ companies including Salesforce, Cisco, and European Commission.
Full text
Data Breaches Cyber Attacks Cyber Crime SecurityShinyHunters Claims Rockstar Games Snowflake Breach via Anodot ShinyHunters claims access to Rockstar Games Snowflake data via Anodot breach, threatening a data leak on April 14 if ransom demands are not met. byWaqasApril 11, 20262 minute read Rockstar Games is back in the news, not over Grand Theft Auto VI delays, but because the ShinyHunters hacking group claims it accessed the company’s Snowflake environment and may be holding a large volume of data at risk of being leaked. The message, published on the group’s dark web leak site on April 11 (UK time), sets a deadline of April 14 and follows a familiar pattern of pay or face public exposure. This case differs from a typical direct breach because the attackers pointed to Anodot, a SaaS platform used for cloud cost monitoring and analytics, as the entry point. In their post, they claimed, “Rockstar Games! Your Snowflake instances were compromised thanks to Anodot.com. Pay or leak.” “Rockstar Games, your Snowflake instances were compromised thanks to Anodot.com. Pay or leak. This is a final warning to reach out by 14 Apr 2026 before we leak, along with several annoying (digital) problems that’ll come your way. Make the right decision, don’t be the next headline.” ShinyHunters ShinyHunters claiming Rockstar Games as its new victim (Image credit: Hackread.com) Recent reporting confirmed that Anodot suffered a security breach, which attackers then used as a way to access customer environments connected through integrations. Reportedly, attackers were able to extract authentication tokens from Anodot, which function as trusted credentials between services. With those tokens, they could access connected Snowflake accounts without needing to exploit vulnerabilities in Snowflake itself. Once inside Snowflake environments, attackers exfiltrated data using normal database operations. Worse, because the access appeared legitimate, detection was not immediate in many cases. Several organizations were impacted before the activity was flagged and contained. Anodot’s Status page For your information, ShinyHunters has built a track record of targeting identity systems, API keys, and third-party integrations instead of relying on traditional exploits. Their focus is to gain valid access, extract large databases, and then apply pressure through public leak threats. Earlier this March, ShinyHunters said it had obtained Salesforce-linked data tied to more than 400 companies. Since then, the group has published data from 26 of those organizations, giving weight to at least part of its claims. Some of the claimed and confirmed cases linked to ShinyHunters include the following organizations: Cisco Ben.nl Odido NL Telecom Giant Telus Dutch Telecom Odido European Commission SoundCloud, Crunchbase, Betterment, and several others. As for Rockstar Games, the company has not issued a statement addressing the claim. What the Anodot incident shows is that while automation and cloud integrations improve efficiency, they can also introduce serious data security risks when access controls or tokens are exposed. Nevertheless, Hackread.com has reached out to Rockstar Games for comment. Until then, the claim reflects a real and active attack campaign, but one that has yet to be confirmed for this specific target. Waqas I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cybersecurity and tech world. I am also into gaming, reading and investigative journalism. View Posts AnodotCyber AttackCyber Crimedata breachgamingGrand Theft Auto VIGTA 6Rockstar GamesSalesforceShinyHuntersSnowflake Leave a Reply Cancel reply View Comments (0) Related Posts Read More Security Cyber Attacks Dark.IoT & Custom Botnets Exploit Zyxel Flaw in DDoS Attacks The DDoS attacks have been observed in various regions, including Central America, North America, East Asia, and South Asia. byWaqas Phishing Scam Security Researchers Expose Iranian Phishing Servers Targeting Opposition A group of researchers from Checkpoint Security firm claimed that they have breached phishing servers that were used… byUzair Amir Cyber Crime News Phishing Scam Scams and Fraud Bahamian Hacker Gets 5 Years Jail Time for Hacking, Leaking Celebrities Photos Alonzo Knowles, a 24-year-old Bahamian male, has received five years in prison for violating the privacy of celebrities,… byCarolina Cyber Crime Malware Developer of NanoCore RAT that targeted Canada, US & Steam jailed The developer of NanoCore RAT (remote access Trojan) has been sentenced to 33 months (2.75 years) in prison for… byWaqas
Indicators of Compromise
- domain — Anodot.com