The countdown around GTA 6 takes a worrying turn. After claiming responsibility for a new hack of Rockstar Games via a third-party provider, the hacker group ShinyHunters now claims that the stolen data will end up online if the studio does not pay the demanded ransom.
Initially, the pirates had set an ultimatum for April 14 with a very clear message, such as “pay or leak”. But after Rockstar’s public response downplayed the incident, ShinyHunters told the BBCcited by TheGamer, that they plan to “publish the stolen data online since their demands have not been met”, potentially before the deadline. Enough to revive the fear of a complete unpacking around GTA 6.
GTA 6: will Rockstar hackers really follow through on their threat?
On April 11, messages spotted by sites like CyberSec Guru reported a massive hack targeting the internal data of Rockstar Gameswith an ultimatum set for April 14. Shortly after, the studio confirmed the attack to media outlets like Kotakuspeaking of a “limited amount of non-material corporate information” and ensuring that this “has no impact on our organization or our players”.
This very controlled communication would have ignited the powder. According to the BBCmembers of ShinyHunters now say they will go ahead and publish the data, as their requests have not been heeded. TheGamer even specifies that the group threatens to act a day earlier than expected, just to show that it holds the reins of the standoff.
For Rockstar, giving in to the ransom would be extremely risky: no guarantee that hackers will actually destroy the files, and a dangerous signal sent to the entire industry. The precedent of 2022, with the group Slip of the tongue$ and massive gameplay leaks from GTA 6ended with the young identified hacker being confined in a secure hospital. But despite this example, structured groups like ShinyHunters continue to target video game giants.
What GTA 6 data ShinyHunters promises to release and what it changes for players
According to ShinyHunters, these are not new gameplay videos or source code, but mainly marketing data and financial records. Concretely, this can cover development cost reports for GTA VIplayer spending statistics, contracts (casting, music, partnerships) and above all the detailed marketing calendar: trailer windows, advertising campaigns, possible postponement scenarios.
The first analyses, notably relayed by La Crème du Gaming, underline that no evidence yet points to a leak of playable builds, passwords or online identifiers. Nothing to do, therefore, with the shock of 2022, where nearly a hundred internal videos of GTA 6 had circulated on the forums.
On the technical side, the attack would go through the analytics tool Anodot : hackers allegedly stole authentication tokens to access the data warehouse Snowflake from Rockstar, as if a legitimate badge opened the archives to them. A typical supplier chain attack scenario, which directly affects the parent company Take-Two Interactive.
For French players, the immediate risk seems limited. If personal data of European users had been compromised, Rockstar would be obliged to notify under the GDPR. In the meantime, it’s better to activate double authentication, change your password and be wary of fake “Rockstar Support” emails. The main danger remains the possible wave of massive spoilers on the story, map or soundtrack of GTA 6.
GTA 6 hack: what else can Rockstar Games do against ShinyHunters?
Previous cases involving ShinyHunters show a recurring pattern: when the ransom is not paid, the data often ends up published or resold. Paying does not guarantee anything, and authorities advise against this option, which directly funds future attacks.
If Rockstar maintains its hard line, we can expect to see internal presentations, financial documents and marketing plans leaked around GTA VI. The studio could then be forced to adjust its communication, bring forward certain trailers or confirm certain elements of the universe earlier than expected to regain control.
As it stands, everything indicates that the development of the game is not affected and that no serious media mentions a postponement of the release because of this piracy. But after Lapsus$ in 2022 and ShinyHunters in 2026, the affair above all reminds AAA publishers that they must better secure their external service providers, as well as their own servers.