Popular Gaming Cheat Service Hacked, Exposing 64,000 User Accounts

Atlas Menu, a commercial cheat service for Grand Theft Auto V and Counter-Strike 2, was breached in May 2026. An attacker accessed the service's database and published it publicly on GitHub, compromising records for approximately 64,000 users. The leaked data included usernames, email addresses, IP addresses, passwords (stored in a hashed format called bcrypt), customer support conversations, menu license keys, and Rockstar Games account identifiers.

Have I Been Pwned, a website that tracks data breaches, confirmed the exposure of 64,000 unique email addresses. The compromised dataset also included support tickets between customers and Atlas Menu staff, signup dates, lists of banned users, and administrator logs, according to The Register.

How the Attack Happened

According to TechCrunch, the attacker claimed to have gained access to all of Atlas Menu's systems. The hacker stated the motivation was revenge against someone they believed was a scammer—suggesting this was a targeted attack rather than a random attempt to steal data for profit.

Atlas Menu's website went offline around the time the breach was discovered, though it is unclear whether the company shut it down intentionally or if the attack caused the outage. The service had promised customers "secure authentication and enhanced privacy through advanced encryption," claims that now ring hollow given how much information was compromised.

The leaked data creates several real risks for affected users. While bcrypt—the method used to protect passwords—is stronger than older password-hashing techniques, passwords that are weak or commonly used can still be cracked through brute-force attacks (trying many combinations offline). More immediately concerning, the leaked Rockstar Games account identifiers could be used to target players with harassment or social engineering attacks.

How Atlas Menu Made Money

Before the breach, Atlas Menu operated as a paid subscription service offering cheating tools for two of the gaming world's biggest multiplayer games. The service advertised features like player invisibility, enhanced jumping, and the ability to fly through game maps.

This kind of paid cheat service is a relatively modern development. In earlier decades, most cheats and game modifications were created by hobbyists who shared them for free online. Services like Atlas Menu commercialized this—turning rule-breaking modifications into a business. This creates a tension: the service needs to operate secretly enough to avoid detection by anti-cheat systems (the software games use to catch cheaters), but also needs enough visibility to attract paying customers. That tension, combined with the service's questionable legal status, made it an attractive target for attackers.

The Bigger Picture in Gaming Security

This breach is not an isolated incident. Rockstar Games, the company behind Grand Theft Auto, has experienced multiple data exposures. In 2022, attackers broke into the company's Slack account and Confluence system (internal communication and document tools) and leaked Grand Theft Auto 6 source code and gameplay footage. More recently, Rockstar suffered another incident when the extortion group ShinyHunters accessed analytics data stored in Snowflake (a cloud database service) using stolen login credentials from a third-party vendor. Rockstar said the exposed information was limited and did not affect game infrastructure or players.

The gaming world more broadly faces a security problem: cybercriminals use popular games as vectors for spreading malware. Security researchers have found that Minecraft is the game most frequently abused for hiding malicious software, because so many people play it. We have seen similar patterns before—when peer-to-peer file-sharing programs like BitTorrent became mainstream, attackers hid malware in popular entertainment files. The gaming community's appetite for unofficial modifications and cheats creates similar opportunities for bad actors to embed malicious code in tools that appear legitimate.

The Particular Vulnerability of Cheat Services

The larger issue here is that commercial cheat providers operate in a precarious position. Unlike legitimate software companies, they exist in legal and technical gray areas that prevent them from using standard security practices. They cannot openly work with security researchers to find vulnerabilities, they cannot share threat information with industry peers, and they cannot call on law enforcement if they are attacked. This isolation leaves them vulnerable: they accumulate valuable customer data while lacking the defensive resources that established software companies have.

This creates an asymmetric situation where cheat services are attractive targets for attackers precisely because their operators have few legitimate options for response or recovery. When Atlas Menu promised "secure authentication and enhanced privacy," they made commitments about data protection that their operational constraints made difficult to actually keep.

Atlas Menu is not the first service like this to suffer a major breach. Paragon Cheats, another Grand Theft Auto modification service, was breached in May 2021 and the exposure was severe enough to force a shutdown.

The ripple effects extend beyond individual exposed accounts. Because the breach included Rockstar Games account identifiers, attackers could combine this data with information from other breaches to build detailed profiles of gaming habits and player preferences. Users of cheat services expose themselves not just to account bans from game publishers, but to data theft, identity compromise, and targeted attacks that can follow them far beyond gaming.