tomshardware.com
By Hassam Nasir published 11 april 2026
This is the second potentially major breach Rockstar has faced in recent years.
Rockstar Games seems to have been hacked yet again, this time by the popular group "ShinyHunters" that has also compromised other large companies before. The attack was first spotted by Cybersec Guru, who later got a quote from a Rockstar spokesperson confirming it had been breached. The group has stolen confidential data and is holding the company at ransom for it, with a payment deadline set for April 14.
"Rockstar Games, your Snowflake instances were compromised thanks to Anodot.com. Pay or leak. This is a final warning to reach out by 14 Apr 2026 before we leak, along with several annoying (digital) problems that’ll come your way. Make the right decision, don’t be the next headline.” — ShinyHunters on their website.
There is little info as to what this data includes (or the ransom amount) since most of the conversation is cordoned off to the dark web, where such sales often occur. Previously, Rockstar was hacked in 2022, where a single person was able to access internal development channels and acquire nearly 100 early gameplay videos for GTA VI, including, allegedly, the source code for both GTA VI and GTA V.
ShintyHunters, in contrast, is a group that operates less traditionally and often exploits API keys, user sessions, and third-party integrations to get inside more legitimately. In this instance, they were able to hijack the company's Anodot, which is an analytics and monitoring tool many businesses use to track finances. Anodot is connected to the firm's cloud infrastructure, which is "Snowflake" in Rockstar's case.
The group didn't break Snowflake's security; they instead extracted authentication tokens from Anodot to pass as regular users and access Snowflake accounts. Once in, they easily stole the data, which likely doesn't include passwords or sensitive player info, and perhaps not even bits from active game development. Still, there will be confidential corporate data that Rockstar doesn't want to float around otherwise.
Snowflake is not just used by Rockstar. Many other companies that integrate it via Anodot have been compromised by ShinyHunters in the past few months as well. Rockstar seems to be part of a broader wave of extortion-related hacks that go beyond any ideological pursuits, such as the recent Spotify breach. In any case, if the ransom isn't paid by April 14, the malicious group will release the stolen data publicly.
Rockstar's spokesperson has told multiple outlets the hackers only took "non-material company information" and that the overall attack doesn't impact "our organization or our players.” That implies maybe the ransom doesn't need to be paid, since the data doesn't have any meaningful value and players aren't affected, or it could just be damage control.
Realistically, we could get insight into some interesting spending habits inside the firm in case the data is released. How the marketing for the game is being shaped behind the scenes, its costs, or a potential delayed release window that hasn't been announced yet. Ironically, considering GTA VI is due in a few months, any cybersecurity lapses at Rockstar only exacerbate the players' worries of said potential delay.
| Tom's Hardware
By Jowi Morales published October 11, 2025
The Crimson Collective hacking group claims to have breached Nintendo's security and stolen files from the gaming company.
A high-profile hacking group called Crimson Collective claimed that it had successfully hacked Nintendo, which is notorious for being litigious and overprotective of its intellectual property. Cybersecurity intelligence firm Hackmanac shared a screenshot on X that allegedly showed proof of the attack, with folders that seemingly stored Nintendo data, including production assets, developer files, and backups. However, the Japanese gaming giant is yet to make a statement about this attack, so we’re unsure if this is real or just a made-up screenshot.
Crimson Collective is the group behind the recent attack on Red Hat, during which it gained unauthorized access to the company’s GitHub repositories and stole about 570GB of data. The group then attempted to extort the company but was simply dismissed. Red Hat eventually confirmed the breach, opting to work with the authorities to pursue the attackers and collaborating with its affected clients to rectify the issue.
If this attack on Nintendo is legitimate and perpetrated by the same party, then it’s likely they are attempting the same tactic of contacting the gaming giant through official channels and asking for payment to delete the stolen data, or else they will leak it.
This isn’t the first time that hackers have attacked a gaming company. Rockstar was previously targeted by an attack in 2023, and some of the source code for Grand Theft Auto VI was leaked online. In the same year, Insomniac Games, the studio behind several Spider-Man titles, was hit by a ransomware attack, and files related to games and employees were made available for download on the internet. CD Projekt Red was also a victim in 2021, after the source codes for Cyberpunk 2077, The Witcher 3, and several other titles, along with several different files, were stolen and threatened to be released publicly if the company did not pay.
Despite all the noise, Nintendo is known for keeping its secrets. Unless customer or personal data has been targeted or leaked, where it’s required by law to notify the public of an attack, it’s unlikely that the company will disclose any details of this breach. So, without confirmation from the makers of the Switch 2, we can only guess if Crimson Collective’s exploit is true or not.
tomshardware.com - A leading mobile device insurance and service network has initiated insolvency proceedings in the wake of a cyberattack. Selling properties and cutting staff numbers wasn't enough to save the business.
The Einhaus Group was once a familiar name, with its services available through 5,000 retail outlets in Germany and an annual revenue of around 70 million Euros.
A leading mobile device insurance and service network has initiated insolvency proceedings in the wake of a cyberattack. Germany’s Einhaus Group was targeted by hackers in March 2023 and is understood to have paid a ransom(ware) fee of around $230,000 at the time, according to Wa.de and Golem.de (machine translations). However, the once large and successful company, with partnerships including Cyberport, 1&1, and Deutsche Telekom, struggled to recover from the service interruption and the obvious financial strains, which now appear to be fatal.
The ides of March
In mid-March 2023, Wilhelm Einhaus, founder of the Einhaus Group, recalls coming into the office in the morning to witness a ‘horrific’ greeting. On the output tray of every printer in the office was a page announcing, “We've hacked you. All further information can be found on the dark web.” Further investigations revealed that the hack group 'Royal' was the culprit. They had encrypted all of Einhaus Group’s systems, which were essential for the day-to-day running of the business. 'Royal' demanded a ransom payment, thought to be around $230,000 in Bitcoins, to return access to the computers.
Of course, with operational systems down, there was an immediate impact on Einhaus. The police were involved promptly. However, the affected firm seems to have decided to pay the ransom, as it could see business losses/damages piling up – meaning continuing without the computer systems was untenable. Einhaus estimated that the hacker-inflicted damage to its business was in the mid-seven-figure range.
