ShinyHunters Leak Exposes Rockstar Financials After Ransom Refusal

Rockstar Games has been hacked. Again. And this time, the group responsible didn't wait around.

On April 13, a day before their own deadline, ShinyHunters released the data they claimed to have stolen from Rockstar Games. The dump went live on the group's dark web site, along with a taunting message directed squarely at the studio.

"Your Snowflake instances metrics data was compromised thanks to Anodot.com," the message reads. "We do not operate a Telegram channel and this data was never for sale like reported on X (formerly Twitter) for $200k. It is now leaked. How does it feel to be the headline?"

So how did they get in?

How ShinyHunters Got the Data

ShinyHunters did not breach Rockstar directly. They went through Anodot, a SaaS platform Rockstar uses for cloud-cost monitoring and spending anomaly detection. From Anodot's systems, the group pulled authentication tokens, digital credentials that allow one service to communicate with another without manual password entry.

Snowflake itself does not appear to have been compromised. The platform authenticated valid credentials, which is exactly what it was built to do. The failure occurred at the integration layer: Anodot held broad read permissions on Rockstar's Snowflake warehouse, and once Anodot was compromised, those permissions transferred to the attackers.

Essentially, they found a side door left open by a third-party tool. Not glamorous, but effective.

What's Actually in the Leak

If you were hoping for GTA 6 footage or source code, you're going to be disappointed.

What isn't in here, at least based on early reports, is any Grand Theft Auto 6 source code files, assets, or player data that could cause major issues for Rockstar or provide the community with juicy leaks.

The leaked data allegedly includes financial information about the online modes for both GTA and Red Dead, as well as spending data for various countries. Reports surfacing on social media suggest Rockstar earns over $1 million a day from GTA Online , with the data confirming just how heavily the studio leans on Shark Card monetisation to keep the lights on. Meanwhile, newly released data from ShinyHunters also seems to indicate that Red Dead Online is making far, far less. Make of that what you will.

It's unclear if ShinyHunters has any more damaging information about Rockstar Games. Given the specific vulnerability cited, it's not surprising they were able to access so much financial data. However, it's possible that the group identified a second vulnerability or has more than it's letting on. By leaking information about Rockstar's financials, the group may be hoping to change Rockstar's mind about not paying out a ransom.

Rockstar's Response

Rockstar confirmed the breach and claimed that it would have "no impact on our organization or our players." A spokesperson said: "We can confirm that a limited amount of non-material company information was accessed in connection with a third-party data breach. This incident has no impact on our organization or our players."

After news of the hack, Take-Two Interactive, Rockstar's parent company, saw its share price drop by more than 6% in pre-market trading. The stock price did rebound afterward to its usual levels.

Don't Download the Files

Seriously. Don't.

The leak is sitting on a dark web site run by a hacking group known for targeting massive corporations. Downloading files from ShinyHunters' platform carries real risks, including malware. Rockstar's own position is that the data lacks material concern, and frankly, internal revenue metrics for GTA Online are unlikely to change your life in any meaningful way.

This Has Happened Before

Rockstar's history with hackers is, to put it generously, not great. Back in 2022, a teenager used an Amazon Fire Stick to hack the studio, obtaining information about Grand Theft Auto 6 in the process. Ultimately, they received an indefinite hospital sentence, only to be released when hospital staff deemed them no longer a danger.

You can read more about Rockstar's ongoing battles with leaks and the internal fallout from that culture in our earlier piece on the Glasgow tribunal.

This sort of hack is a felony and could carry a major prison sentence. ShinyHunters has been here before too. Past targets have included Microsoft, Ticketmaster, Cisco, AT&T, and Wattpad. They typically go after large companies, then try to ransom the data or sell it.

What About GTA 6?

GTA 6's current release date is November 19, 2026, following two high-profile delays. The game was originally planned for Fall 2025, then pushed to May 26, 2026, before Rockstar announced the new November date.

Nothing in this leak appears to threaten that timeline. The studio has been down this road before and hasn't blinked. Whether ShinyHunters has anything more damaging sitting on a server somewhere, nobody outside the group knows for certain. For now, the released data tells us Rockstar makes an enormous amount of money from GTA Online, and Red Dead Online is quietly struggling. Neither of those things will come as a shock to anyone paying attention.