Rockstar Video games, a subsidiary of Take-Two Interactive Software program, as we speak confirmed that an unauthorized third occasion had downloaded recordsdata and movies for its flagship sport Grand Theft Auto 6 following the posting over the weekend of scores of video clips to a web-based discussion board.
Greater than 90 video recordsdata — since eliminated — had been posted at 3:26 a.m. on Sunday, Sept. 18, to the GTAForums. A number of discussion board customers thought of the movies to be genuine, and the discussion board directors appeared to verify that that knowledge was stolen after they pulled down the recordsdata and posted a warning for discussion board members to not share media or hyperlinks to copyrighted materials.
By early Monday, Take-Two Interactive had confirmed the breach in a company submitting with the Securities and Change Fee.
“Rockstar Video games just lately skilled a community intrusion through which an unauthorized third occasion illegally accessed and downloaded confidential data from its techniques, together with early growth footage for the subsequent Grand Theft Auto,” the corporate said within the submitting. “Present Rockstar Video games companies are unaffected. We’ve already taken steps to isolate and include this incident.”
The breach is the newest assault on gaming firms. In June 2021, sport big Digital Arts suffered an enormous breach, with cybercriminals stealing almost 800GB of supply code and knowledge from the agency. The breach adopted an assault on CD Projekt Pink, the maker of the Witcher video games and Cyberpunk 2077, which resulted within the theft of inner knowledge and supply code.
Recreation firms aren’t the one group being focused — attackers are additionally centered on avid gamers. Gamers of the highest 28 video games encountered greater than 380,000 situations of malware and undesirable recordsdata the 12 months ending in June 2022, in accordance with software program safety agency Kaspersky Lab. Rockstar Video games’ Grand Theft Auto was the fourth most focused PC sport, in accordance with the agency’s evaluation.
“Even though the variety of customers affected by gaming-related threats has dropped, sure gaming threats are nonetheless on the rise,” Kaspersky researchers said. “Over the previous 12 months, we’ve seen a rise in cybercriminal exercise round stealers, which permit attackers to steal financial institution card knowledge, credentials, and even crypto wallets knowledge from contaminated units.”
Within the Rockstar Video games assault, the risk actor apparently gained entry by means of a compromised credential. The cybercriminal used the identify “teapotuberhacker,” reportedly claiming to be the particular person behind the breach of Uber final week.
Nevertheless, dependable particulars of the hack are in brief provide. Already, fraudsters have posted a substantial amount of misinformation on Twitter and have reserved names just like the hacker’s on Telegram and different social media networks.
A thread on the GTAForums seems to be real, nonetheless. The directors have already eliminated the video recordsdata and hyperlinks posted by the purported hacker. A number of posts on the GTAForums have claimed that the movies got here from a developer Slack channel, which is analogous to the compromise of Digital Arts. The posted movies are dated between March 2021 and September 2022.
Take-Two Interactive and Rockstar Video games performed down the influence of the assault, sustaining that the event of the sport won’t be affected.
“Work on the sport will proceed as deliberate,” the corporate said in its SEC submitting. “At the moment, Rockstar Video games doesn’t anticipate any disruption to its present companies nor any long-term impact on its growth timelines because of this incident.”
The hacker posted the movies to GTAForums early Sunday morning, stating, “Listed here are 90 footage/clips from GTA 6,” and including, “Its potential i may leak extra knowledge quickly, GTA 5 and 6 supply code and property, GTA 6 testing construct.”
The attacker could not have had common entry to Rockstar Video games’ techniques, however solely the communication channels utilized by builders. “These movies had been downloaded from Slack,” the poster wrote, clarifying that the supply was “worker communications.”
Wall Road Fallout
The breach initially harm Take-Two Interactive’s inventory worth (NASDAQ: TTWO), however the firm’s assurance that the sport’s launch date wouldn’t be delayed appeared to assuage traders, and the inventory rose barely by late afternoon. The corporate has truly not but introduced the sport’s official launch knowledge, however reviews have pegged mid- to late-2024 as probably.
“We’re extraordinarily upset to have any particulars of our subsequent sport shared with you all on this approach,” the corporate mentioned in a press release posted on Twitter. “Our work on the subsequent Grand Theft Auto sport will proceed as deliberate and we stay as dedicated as ever to delivering an expertise to you, our gamers, that actually exceeds your expectations.”