Tag: data breach

  • GTA 5 Cheat Service Data Breach Exposes 64,000 Users

    GTA 5 Cheat Service Data Breach Exposes 64,000 Users

    Key Takeaway

    – Atlas Menu, a paid cheat service for GTA 5 and CS2, suffered a data breach in May 2026, exposing 63,926 users’ data.
    – Stolen data includes email addresses, usernames, IP addresses, support tickets, and bcrypt-hashed passwords.
    – Atlas Menu has not publicly acknowledged the breach, provided no warnings, and is no longer accessible.
    – Affected users should immediately change passwords for the email used on the service and any other accounts sharing that password.
    – Use Have I Been Pwned to check if your email was compromised.

    Major Security Incident Hits Popular Cheat Service

    Many GTA 5 players use different cheats and mod menus to gain an advantage over other players. Whether it is spawning money or unlocking features, cheat services remain popular despite Rockstar’s efforts to crack down on them. However, it seems that a large number of those cheaters are now dealing with a different problem, as one of the most well-known paid cheat providers has suffered a major data breach.

    Service Targeted Last Month

    Atlas Menu, a paid cheating service that offered tools for both GTA 5 and Counter-Strike 2, was reportedly breached last month in May 2026. According to the breach notification service Have I Been Pwned, the incident affected 63,926 users connected to the platform.

    The breach exposed thousands of unique email addresses tied to Atlas Menu’s user base. However, the stolen data also included usernames, IP addresses, support tickets, and passwords stored as bcrypt hashes.

    Complete Silence From Company

    What’s interesting is that Atlas Menu has not released any statement about the breach. There has been no public acknowledgement, warning to users, or explanation about what happened. On top of that, the platform itself is no longer accessible, leaving users without any official source of information.

    Immediate Steps for Affected Users

    For anyone who was using Atlas Menu, now is probably a good time to take security seriously. The first thing users should do is change the password associated with the email account they used on the service. More importantly, if that same password was used on other websites, services, or gaming accounts, those passwords should be changed immediately as well.

    For now, Atlas Menu remains offline and silent. Until more information emerges, affected users should assume their information may have been exposed and take the necessary steps to secure their accounts.

     


    Sources

    Tags: , , , ,
  • Spectrum Data Leak After Charter Refuses Ransom

    Spectrum Data Leak After Charter Refuses Ransom

    Key Takeaway

    – Attackers used voice phishing (vishing) to steal a Charter employee’s Microsoft Entra credentials, bypassing technical defenses.
    – The breach exposed data for at least 13 million individuals, including names, addresses, phone numbers, and plan details, primarily from Spectrum Enterprise.
    – A dispute exists over whether federally protected Customer Proprietary Network Information (CPNI) was stolen; independent researchers are now assessing the leaked data.
    – This attack follows a 2026 pattern by ShinyHunters: compromise cloud identities via social engineering, pivot to SaaS platforms, and extort data before public release.
    – Affected customers should change passwords, enable two-factor authentication, freeze credit with major bureaus, and verify exposure via Have I Been Pwned.

    Spectrum Owner Charter Communications Confirms Data Breach After Ransom Deadline Passes

    Charter Communications, the company behind Spectrum internet, cable, and mobile service, has confirmed a data breach after the ShinyHunters extortion group published stolen customer records when its May 27 ransom deadline passed without a response. The attack was not sophisticated in a technical sense. ShinyHunters told BleepingComputer the breach occurred on April 1 through a voice phishing attack targeting a Charter employee’s Microsoft Entra account. No technical barrier was broken. Someone called, impersonated IT support, and walked away with valid credentials. The attackers used that access to export customer records from Charter’s Salesforce instance before the intrusion was detected.

    Over 13 Million Individuals Affected Alongside Support Ticket Records

    The Cybernews research team confirmed ShinyHunters published data covering at least 13 million individuals alongside nearly 10 million customer support ticket records. Most of the customer data originates from Spectrum Enterprise, the division serving large businesses, corporations, and government agencies. A separate internal employee directory subset of around 85,000 records was also exposed, containing job titles, work emails, and in a limited number of cases, home addresses. Published customer records include names, email addresses, physical addresses, phone numbers, phone type, and plan information. ShinyHunters originally claimed 40 to 42 million records, a figure that exceeds Charter’s entire US customer base of 32 million. Cybernews noted the dataset likely contains duplicates. Have I Been Pwned, via BleepingComputer, confirmed 4.9 million unique email addresses and added them to its database.

    Dispute Over CPNI Data and ShinyHunters Campaign Pattern

    The most consequential dispute concerns Customer Proprietary Network Information, a federally protected category covering call records, service subscriptions, and usage patterns. Charter told BleepingComputer that no sensitive personal information or CPNI data was exfiltrated. ShinyHunters claims the opposite. With the data now publicly posted, independent researchers are in a position to assess both claims. The broader pattern here is hard to miss. ShinyHunters has worked through a string of major targets in 2026 using the same general approach: compromise a cloud identity or SSO account through social engineering, pivot into connected SaaS platforms, export data at scale, and set a ransom deadline. Carnival Corporation was hit in April after attackers accessed systems through a third-party account. ADT, Aura, and Panera were also caught in the same campaign window. Charter did not engage before May 27. The data is now public.

    Steps Spectrum Customers Should Take To Protect Themselves

    Spectrum customers should change their account password, enable two-factor authentication, and treat unexpected contact claiming to be from Charter or Spectrum with caution. Have I Been Pwned can confirm whether your email address was exposed. A credit freeze at Equifax, Experian, and TransUnion is free, reversible, and prevents new accounts from being opened in your name.

    Sources
    Tags: , , , ,
  • Trump Mobile Website Leaking Customer Data: Report

    Trump Mobile Website Leaking Customer Data: Report

    Key Takeaway

    – A data breach on Trump Mobile’s site exposed customer details (names, emails, addresses, order numbers) though credit card data reportedly remained safe.
    – The leak affects the entire Trumpmobile.com ecosystem, including phone orders and Trump Mobile cellular service, with a private demonstration confirming the vulnerability.
    – Pre-order figures appear far lower than initial estimates, with Coffeezilla estimating around 10,000 actual pre-orders versus ~600,000 rumored.

    Much to the relief of everyone who ordered one, the Trump T1 Phone is actually slated to ship later this year amid rumours of cancellation. The smartphone has already been delayed and underwent some design changes along the way. Investigative journalist and YouTuber Coffeezilla, who happened to order one, has some jarring news for people who also pre-ordered a Trump T1 Phone.

    Privacy concerns rise as data leak surfaces

    The official Trump Mobile website has been leaking customer information, such as full names, email addresses, mailing addresses, and order numbers. Thankfully, customers’ credit card information appears to be safe. Coffeezilla received the information via an anonymous source who demonstrated the vulnerability to the YouTuber in private. The exploit is supposedly not complicated.

    Coffeezilla and his source have reached out to the Trump Mobile team, and are yet to hear back from them. The entire Trumpmobile.com website has been affected, meaning anyone who opts for Trump Mobile’s cellular service will also be affected, alongside those who ordered the phone. One can only hope that nobody else found the exploit, and that the Trump Mobile team works on patching it soon.

    The leak also reveals another tidbit about the overall popularity of the Trump T1 Phone. Initial estimates hinted at a little under 600,00 pre-orders, but apparently, the actual number is a lot lower. Based on the total amount of leaked data, Coffeezilla estimates the actual pre-order number to be about 10,000—far lower than what was initially thought.

     

    Tags: , , , ,
  • America’s Largest Home Security Company Confirms Data Breach

    America’s Largest Home Security Company Confirms Data Breach

    Key Takeaway

    1. ADT experienced a data breach exposing customer names, phone numbers, addresses, and partial Social Security or Tax ID numbers.
    2. No bank account or payment information was compromised in the breach.
    3. The hacker group ShinyHunters claims to have stolen data from over 10 million customers and is demanding a ransom to prevent leaking the information.
    4. As of now, it is unclear if ADT has responded to the ransom demand.

    Security breach affects major US home security provider

    The biggest home security company in the United States, ADT, recently faced a serious security breach that put many customers at risk. The company confirmed that on April 20, there was a data intrusion, but didn’t specify the exact number of people affected. What’s clear is that sensitive info like customer names, phone numbers, and addresses got stolen, raising alarm among users.

    Details of what was compromised

    In this security lapse, some customers’ last four digits of Social Security Numbers or Tax IDs and their birth dates were also exposed. Fortunately, ADT assured that their bank account details and payment information stayed safe and were not accessed during the breach. The firm stated it has already contacted those impacted to notify them about the situation.

    The hackers behind the attack and their demands

    The hacking group known as ShinyHunters claims responsibility for this breach. They recently revealed on their platform that they stole personal data for more than 10 million customers along with some internal corporate information. They’ve issued a warning that unless ADT pays a ransom, they will leak all the data and cause other digital disruptions.

    Uncertain future and ongoing investigation

    At this point in time, there’s no clear answer whether ADT has responded to ShinyHunters’ ransom demands. The group has set a deadline of April 27, threatening to release the stolen information if their demand isn’t met. As of today, the company and authorities continue to look into this security breach.

    Sources
    Tags: , , ,
  • Take-Two Stock Rises 2.5% as Rockstar Hacker GTA VI Leaks Fail

    Take-Two Stock Rises 2.5% as Rockstar Hacker GTA VI Leaks Fail

    Key Takeaway

    1. The data breach exposed Rockstar’s financial information but did not impact game development or player data, including GTA VI.
    2. Despite releasing the stolen data online, Rockstar’s stock surged, increasing Take-Two Interactive’s valuation by approximately $1 billion.
    3. The incident highlights the effectiveness of Rockstar’s response and investor confidence, with the breach having minimal material impact on the company’s operations or reputation.

    ShinyHunters Hacker Group and Rockstar Incident

    So, ShinyHunters, a dreaded hacker group, took aim at Rockstar Games, demanding a hefty ransom of $200,000. When Rockstar refused to bow down, the hackers made good on their threat and leaked some financial records to the public for free. Surprisingly, instead of causing much trouble, the leak seemed to boost Rockstar’s parent company, Take-Two Interactive. The company’s stock saw a remarkable increase, adding around a billion dollars to its overall worth in just one day. Quite a twist, huh?

    Details About the Data Breach

    Honestly, the hackers said they got into Rockstar’s systems through a tool called Anodot, which monitors Rockstar’s Snowflake cloud servers. After grabbing the data, they wanted $200,000 by April 14, 2026. Rockstar, brave as ever, decided not to pay. In an official statement, they said only a small amount of non-critical company info was accessed because of a third-party breach. Fans didn’t have to worry about their personal details or the new game, Grand Theft Auto VI, being compromised. The leaked info mostly involved earnings from GTA Online and Red Dead Online.

    Financials and Market Impact

    Talking numbers, GTA Online has been raking in about 1.3 million dollars daily since September 2025—adding up to nearly $10 million each week. Over a year, that’s almost $500 million, which is incredible for a game that’s been out for ten years. Meanwhile, Red Dead Online’s earnings were less impressive, but the massive revenue from GTA Online confirms the multiplayer mode is a true cash cow, especially with the popular Shark Cards.

    Stock Market Reaction

    On the day the news broke, the stock of Take-Two Interactive started at $202.60 and had a total market cap of $38 billion. As the day went on, the share price soared over 2.5%, hitting a high of $207.84, boosting the company’s valuation by an estimated billion dollars before falling back slightly to $205.10. This show that despite the hackers’ threats, investors remained confident about the company’s future prospects.

    Final Thoughts

    In the end, it looks like ShinyHunters’ attempt to put pressure on Rockstar didn’t work out how they planned. Instead, Rockstar Games’ reputation and stock seemed to strengthen, and shareholders stayed positive. The company stayed mostly quiet, only confirming that the breach was limited and had no impact on their major projects, including the upcoming launch of Grand Theft Auto VI.

    Sources
    Tags: , , , ,
  • Rockstar Cyberattack: Hackers Threaten to Release Stolen Data

    Rockstar Cyberattack: Hackers Threaten to Release Stolen Data

    Key Takeaway

    1. Rockstar Games was targeted by a cyberattack, with some data potentially leaked, including financial information related to GTA Online.
    2. The attackers, ShinyHunters, may release the stolen data since no ransom payment was made.
    3. Rockstar downplays the incident, claiming only limited non-material information was accessed and stating no impact on ongoing operations or GTA 6 release plans.
    4. The company has a history of cyberattacks and previous leaks, raising ongoing security concerns.

    Rockstar Games suffers another cyberattack, causing concern among fans and security experts alike

    Rockstar Games got hit again by hackers, which has caused quite a stir. The hackers initially asked for ransom money, but nobody knows exactly how much they wanted. It looks like Rockstar didn’t pay them, and now the hackers, known as ShinyHunters, say they are going to release the stolen data, as per the news from the BBC. Rockstar tries to make it look like nothing serious happened, saying that only a small amount of not-so-important company info was accessed through a third-party vendor.

    Data leak rumors and what might have been compromised

    At first, no one was sure if any information had actually been leaked, but recent reports hint that some of the stolen data could be out already. Insider Gaming has said that some info linked to the attack by ShinyHunters might include financial details about GTA Online. If this turns out to be true, then what was just a threat could already be a real leak, which is pretty worrying for everyone involved.

    Impact on players and upcoming game releases

    Despite the security breach, Rockstar insists that players should not worry because neither their ongoing projects nor the highly anticipated Grand Theft Auto VI scheduled for November 2026 are affected. Still, this hack keeps the company in a delicate spot since they’ve been frequently targeted. Back in 2022, a major leak with early GTA 6 information also appeared, adding to concerns about their cybersecurity.

    Sources
    Tags: , , , ,
  • Rockstar Games Faces April 14 Ransom Deadline After Data Leak

    Rockstar Games Faces April 14 Ransom Deadline After Data Leak

    Key Takeaway

    1. Rockstar Games is allegedly targeted in a significant security breach involving the theft of corporate and analytical data via a third-party cloud platform.
    2. The attack leverages supply-chain vulnerabilities, specifically exploiting authentication tokens from Anodot to bypass multi-factor authentication and access Rockstar’s Snowflake environment.
    3. The threat group, ShinyHunters, has a history of targeting major corporations and is also linked to breaches at companies like Amtrak, McGraw Hill, Ticketmaster, AT&T, and Microsoft.

    Recent Security Breach at Rockstar Games

    Rockstar Games experiencing a security breach again, but this time it seems like it might be more targeted at their data systems than the game itself. This follows a notorious 2022 leak where a social engineering trick got early GTA VI footage exposed on Slack. Now, sources say the attack is aimed at their backend servers, possibly exposing sensitive corporate information.

    Threat Group and Their Previous Targets

    ShinyHunters, a known cybercriminal group, is believed to be behind this attack. This group has a history of stealing data from big companies like Ticketmaster, AT&T, and Microsoft. Unlike that lone hacker in 2022, this time they seem to be working as part of a larger campaign, especially attacking companies that use cloud data tools.

    How the Attack Was Carried Out

    Reports from RansomLook.io and CyberSec Guru say the hackers didn’t directly break into Rockstar’s main defenses. Instead, they used an automated process involving a third-party cloud tool called Anodot. By stealing tokens from Anodot’s system, they accessed Snowflake, a company used to store big data like analytics and player info. This way, they could avoid traditional security measures like multi-factor authentication. This sneaky method appears to be a common technique used by ShinyHunters lately.

    Other Victims and Future Risks

    This wave of attacks isn’t just hitting Rockstar. The same group claims they’ve accessed data from Amtrak, McGraw Hill, and over 100 million records from various third-party Salesforce integrations. They’ve set a ransom deadline for April 14, threatening to leak the data if their demands are not fulfilled. So far, Rockstar and its parent company, Take-Two Interactive, haven’t made any statements or disclosures yet, leaving many questions unanswered about the full scope of this incident.


    Sources

    Tags: , , , ,
  • Hacker Database Breach Exposes 324,000 User Accounts

    Hacker Database Breach Exposes 324,000 User Accounts

    Key Takeaways

    1. BreachForums experienced a significant data breach, exposing nearly 324,000 user accounts.
    2. The leaked SQL file contains sensitive data, including usernames and over 70,000 public IP addresses.
    3. The hackers responsible, ShinyHunters, suggested that BreachForums may be a “honeypot” set up by law enforcement.
    4. The compromised files were stored in an unsecured folder during a transition to a new domain.
    5. BreachForums functions as a marketplace for hackers to buy and sell hacking tools and stolen information.

    Irony, thy name is hacking.

    BreachForums, a well-known site where hackers share leaked and stolen information, recently experienced a breach of its own, leading to the exposure of nearly 324,000 user accounts. As reported by Bleeping Computer, an archive that includes an SQL file, a text file, and a PGP key file appeared on a “website named after the ShinyHunters extortion gang.”

    SQL File Revelations

    The highlight of this archive is the SQL file, which holds various data points such as usernames, IP addresses, and registration dates, among other details. While most of the IP addresses listed are simple loopback addresses, there are also 70,296 public IP addresses that could potentially be used to identify the users linked to those accounts, as indicated by Bleeping Computer.

    No Honor Among Thieves

    Adding to the saying that there’s no honor among thieves, the hackers responsible for this breach (ShinyHunters) claimed that BreachForums is actually a “honeypot,” suggesting that it is a fake site set up by law enforcement to catch unsuspecting cybercriminals.

    The administrator of BreachForums mentioned that the compromised files were kept in “an unsecured folder” during the forum’s transition from its previous domain to the current one. It’s important to point out that this isn’t the first occasion BreachForums has faced a data breach.

    Marketplace for Malicious Activity

    BreachForums serves as a platform where hackers and other malicious individuals can buy and sell hacking tools and stolen information. Law enforcement took control of the site on August 11, 2025, leading to its shutdown. It has since moved to its new domain.

    Bleeping Computer

    Source:
    Link

     

    Tags: , ,
  • AT&T Pays $177M for Data Breaches; Customers May Get $7,500

    AT&T Pays $177M for Data Breaches; Customers May Get $7,500

    Key Takeaways

    1. AT&T has agreed to pay $177 million to settle class action lawsuits related to two significant data breaches affecting millions of customers.
    2. The first breach in 2019 compromised the personal information of approximately 73 million customers, while the second breach in 2024 affected around 100 million people.
    3. Customers can claim their share of the settlement by applying through the Kroll Settlement Administration website, with potential payouts up to $7,500 based on their involvement in the breaches.
    4. Victims of the 2019 breach may receive up to $5,000 for proven financial damage, while those affected by the 2024 breach could receive up to $2,500.
    5. Claimants have until December 18, 2025, to submit their claims, and Kroll is contacting affected customers with a “Class Member ID” to confirm eligibility.

    Millions of people who are or were customers of AT&T might be able to get cash payments due to two big data breaches. The telecom giant has agreed to pay $177 million to settle class action lawsuits related to these security issues.

    Details of the Breaches

    The first breach happened in 2019 and put the personal information of around 73 million customers at risk, although AT&T didn’t admit to the breach until 2024. The leaked data included names, birth dates, and Social Security numbers.

    The second breach was reported in 2024 and impacted even more people, 100 million, after hackers accessed AT&T’s data storage. This situation is the worst privacy issue in the history of the US telecom sector.

    Claiming Compensation

    Customers can get their portion of the $177 million settlement by applying through the Kroll Settlement Administration website. Depending on their involvement in both breaches, claimants may receive up to $7,500 each.

    Kroll has begun reaching out to affected customers via email, providing them with a “Class Member ID” to confirm their eligibility. However, those who haven’t received any notice can still reach out to the settlement administrator if they believe they are entitled to compensation.

    Amounts for Victims

    Victims of the 2019 incident may receive up to $5,000 if they can show financial damage, while those affected by the second breach might get as much as $2,500.

    As anticipated, the settlement administrator’s site has seen a lot of visitors. Claimants have until December 18, 2025, to submit their claims.

    Source:
    Link

     

    Tags: ,
  • Discord Breach Exposes 70,000 Government IDs: Causes and Impact

    Discord Breach Exposes 70,000 Government IDs: Causes and Impact

    Key Takeaways

    1. Around 70,000 Discord users may have had their government identification compromised due to a security incident.
    2. The breach occurred through a third-party service used for customer support, affecting users who contacted the Customer Support or Trust & Safety teams.
    3. Discord has cut off the vendor’s access to its ticketing system and is investigating the incident with law enforcement.
    4. Affected users will be notified via email from Discord, with no phone calls made to protect victims.
    5. As companies require IDs for service, users are exploring ways to protect themselves, including using VPNs, although some sites block these IP addresses.

    Discord has disclosed the possible scale of its recent security incident. The firm announced in an updated press release that around 70,000 users of its platform might have had their government identification compromised.

    Breach Details

    This data breach follows Discord’s move to join a rising number of tech firms that are requiring their customers to verify their age by submitting their driver’s licenses or government IDs. The platform has set up a process where users must upload selfies when they are reported for being underage.

    As per Discord, the breach happened via an unnamed third-party service that assists with its customer support. Only those users who had interacted with the Customer Support or Trust & Safety teams are impacted. The company also clarified that only the customer data shared with these teams was at risk.

    Official Statement

    The statement partially reads, “Recently, we found an incident where an unauthorized party accessed one of Discord’s third-party customer service providers. The unauthorized party then obtained information from a limited number of users who reached out to Discord through our Customer Support and/or Trust & Safety teams.”

    Discord has cut off the vendor’s access to its ticketing system while it investigates the situation along with law enforcement.

    Compromised Data

    The official announcement mentions that the following customer data could be compromised:

    Discord is reaching out to affected users who will receive an email from [email protected]. The company cautions that no phone calls will be made to protect unaware victims.

    As more companies strive to meet local legal demands by requiring IDs for service access, many users are considering ways to safeguard themselves against such breaches. Some have turned to VPNs to hide their real locations, although several well-known websites already block IP addresses linked to VPNs.

    Source:
    Link

     

    Tags: ,