ShinyHunters Claims Rockstar Games Snowflake Breach via Anodot

Rockstar Games is again within the information, not about Grand Theft Auto VI delays, however as a result of the ShinyHunters hacking group claims it accessed the corporate’s Snowflake setting and could also be holding a big quantity of knowledge prone to being leaked.

The message, revealed on the group’s darkish net leak website on April 11 (UK time), units a deadline of April 14 and follows a well-known sample of pay or face public publicity.

This case differs from a typical direct breach as a result of the attackers pointed to Anodot, a SaaS platform used for cloud price monitoring and analytics, because the entry level. In their put up, they claimed, “Rockstar Games! Your snowflake cases have been dedicated due to Anodot.com. Pay or leak.”

“Rockstar Games, your Snowflake instances were compromised thanks to Anodot.com. Pay or leak. This is a final warning to reach out by 14 Apr 2026 before we leak, along with several annoying (digital) problems that’ll come your way. Make the right decision, don’t be the next headline.”

ShinyHunters

Recent reporting confirmed that Anodot suffered a safety breach, which attackers then used as a strategy to entry buyer environments linked by means of integrations. Reportedly, attackers have been capable of extract authentication tokens from Anodot, which perform as trusted credentials between providers. With these tokens, they might entry linked Snowflake accounts while not having to take advantage of vulnerabilities in Snowflake itself.

Once inside Snowflake environments, attackers exfiltrated information utilizing regular database operations. Worse, as a result of the entry appeared authentic, detection was not speedy in lots of circumstances. Several organizations have been impacted earlier than the exercise was flagged and contained.

For your info, ShinyHunters has constructed a monitor report of targeting identity systemsAPI keys, and third-party integrations as a substitute of counting on conventional exploits. Their focus is to achieve legitimate entry, extract massive databases, after which apply stress by means of public leak threats.

Earlier this March, ShinyHunters said it had obtained Salesforce-linked information tied to greater than 400 firms. Since then, the group has revealed information from 26 of these organizations, giving weight to no less than a part of their claims. Some of the claimed and confirmed circumstances linked to ShinyHunters embrace the next organizations:

As for Rockstar Games, the corporate has not issued a press release addressing the declare. What the Anodot incident exhibits is that whereas automation and cloud integrations enhance effectivity, they will additionally introduce severe data security risks when entry controls or tokens are uncovered.

However, Hackread.com has reached out to Rockstar Games for remark. Until then, the declare displays an actual and energetic assault marketing campaign, however one which has but to be confirmed for this particular goal.