Atlas Menu Cheat Service Breach Exposes 64,000 Users' Data, Including Rockstar Account IDs
A data breach at Atlas Menu, a cheat service for GTA V and CS2, leaked 64,000 email addresses, bcrypt-hashed passwords, and Rockstar Games account identifiers after an attacker dumped the database on GitHub.
Users of Grand Theft Auto cheat services have discovered that even those selling ways around the rules struggle with basic security. Atlas Menu, a cheat service for Grand Theft Auto V and Counter-Strike 2, suffered a data breach in May that exposed information belonging to tens of thousands of users after an attacker allegedly gained access to the service's systems and dumped its database online.
According to breach notification site Have I Been Pwned, the breach exposed 64,000 unique email addresses. The leaked data also included usernames, IP addresses, support tickets, and passwords stored as bcrypt hashes. The individual who claimed responsibility published the stolen database to a public GitHub repository, claiming to have gained access to "all Atlas systems" before extracting customer records, support conversations, menu license keys, signup dates, and Rockstar Games account identifiers.
The data, reviewed by The Register, also appears to include lists of thousands of banned users, administrator logs, and other internal records. Posts discussing the breach on Reddit suggest this was not Atlas Menu's first security incident, but users said the latest leak appears to contain significantly more sensitive information than previous disclosures. The attacker also alleged that Atlas Menu's software engaged in screenshot spying, raising additional privacy concerns for users.
Anyone signing up for a GTA cheat service probably wasn't expecting privacy guarantees. Even so, having your email address leaked is one thing. Having support tickets, account identifiers, and purchase records dumped onto GitHub is another. The Atlas breach comes weeks after Rockstar Games was pulled into a separate data leak claimed by ShinyHunters, who alleged they accessed Rockstar data through cloud cost-monitoring platform Anodot and threatened to publish the information unless demands were met.
Atlas users now have their own security headache to deal with. Whether they're more concerned about the leaked database or the screenshot-spying allegation will likely depend on what they were doing while the software was running. The incident underscores how even underground service providers can become vectors for data exposure, with downstream risks for users who may have reused passwords or linked accounts across platforms.