ShinyHunters leaks 78M Rockstar Games analytics records from Anodot-Snowflake breach

The ShinyHunters extortion group has published what it claims are 78.6 million records stolen from Rockstar Games, tracing the access back to authentication tokens lifted from Anodot, a SaaS anomaly-detection vendor that integrates with customer Snowflake, S3, and Kinesis environments. Rockstar confirmed a limited third-party breach to Kotaku but characterized the exposed material as non-material company information with no impact on players.

The leaked dataset is primarily operational telemetry rather than player credentials: in-game revenue and purchase metrics, player behavior tracking, and economy data for GTA Online and Red Dead Online, alongside Zendesk support analytics and references to fraud detection and anti-cheat model testing. That combination is still sensitive — it hands attackers and cheat developers a map of how Rockstar measures and polices its live services.

The Rockstar leak is one node in a broader campaign. ShinyHunters claims to have pivoted from the stolen Anodot tokens into Snowflake instances across dozens of customers. Snowflake detected anomalous activity tied to the third-party integration, locked affected accounts, and notified customers. The incident is another case of an observability or analytics vendor becoming a single point of compromise for every downstream cloud data warehouse it touches.