GTA 6 Developer Reportedly Hacked Again, Now Facing Ransom Deadline

Rockstar Games has reportedly been hit by another cybersecurity incident, with a notorious hacker group claiming to have breached a third-party platform the Grand Theft Auto 6 developer uses to monitor cloud service usage. Rockstar is now said to be facing a tight deadline to pay a ransom before the attackers release the stolen data. If confirmed, the incident would mark the company’s second major security breach since GTA 6 entered development.

The group that claimed responsibility for the attack is ShinyHunters, a black-hat hacking collective named after shiny Pokemon collecting that has been active since early 2020. Over the following six years, ShinyHunters claimed responsibility for dozens of successful attacks on high-profile targets, including Google, AT&T, Ticketmaster, Mashable, GitHub, and several universities, ranging from Harvard to Princeton.

Former Rockstar Dev Explains Why GTA 6 May Have Taken So Long To Develop

An ex-Rockstar developer who worked on Grand Theft Auto 5 speculates on why the next installment in the series, GTA 6, has taken so long to develop.

Rockstar’s Data Cloud Reportedly Hacked via Third-Party Service

In a recent update to its leak site on the dark web, ShinyHunters claimed to have breached Rockstar’s Snowflake environment, a cloud data platform. The group said it exfiltrated large amounts of corporate data (i.e., likely nothing related to end-user accounts) by exporting databases directly from Snowflake. However, Snowflake itself was not breached directly. ShinyHunters said they compromised Anodot, a business monitoring tool Rockstar uses to track cloud service costs. After obtaining authentication tokens used in Rockstar’s Anodot integrations, the hackers accessed the company’s Snowflake environment, appearing as legitimate users, a common tactic in credential-based data breaches.

Rockstar Given April 14 Ransom Deadline

ShinyHunters gave Rockstar a April 14 deadline to pay a ransom to prevent the stolen data from being released publicly. Based on the group’s track record, the threat appears credible, as ShinyHunters has a well-documented pattern of extortion followed by data leaks. Google Threat Intelligence says recent operations linked to ShinyHunters have involved the exfiltration of SaaS data for later extortion, while past media reports say data from Dutch telecom Odido, the business directory Crunchbase, and Harvard University were leaked after the victims refused to pay the ransom.

Rockstar has not publicly commented on ShinyHunters’ claims. If confirmed, the hack would mark the second high-profile data breach the company has suffered in recent years. In September 2022, dozens of clips from an early build of GTA 6 surfaced online after a group known as Lapsus$ successfully phished the credentials of one of the developer’s employees. The person who performed the attack was later identified as 18-year-old Arion Kurtaj from Oxford, who was on bail at the time over hacks targeting BT/EE and Nvidia. The BBC reported that he was under active police protection at the time but still managed to carry out the hack using only his hotel television, an Amazon Fire TV Stick, and a smartphone. Kurtaj was given an indefinite hospital order in December 2023, with a judge ruling he will remain in a secure hospital for as long as doctors deem him a danger to society.

Rearrange the covers into the correct US release order.

Easy (5)Medium (7)Hard (10)

ShinyHunters’ data breach claims arrive at a time when GTA 6 is entering its final stretch of development. In February 2026, publisher Take-Two Interactive reaffirmed the game’s November 19 release date, which has remained the official target since a delay announced in November 2025. Marketing and pre-orders are expected to begin in summer 2026, based on Take-Two’s latest guidance.