Rockstar Games faces ongoing threats of data leaks following a major cyberattack linked to the Lapsus$ hacking group. The company continues to deal with the fallout of stolen information and the potential release of sensitive files.
A court has ordered the indefinite detention of Kurtaj, a former member of the Lapsus$ group, in a high-security psychiatric hospital. The ruling follows a judicial determination that Kurtaj is unfit to stand trial due to severe autism. Kurtaj played a central role in the theft and publication of significant portions of the company's stolen data.
The rise of sophisticated extortion
The breach at Rockstar reflects a broader trend in the cybercrime landscape. A Cyber Threat Intelligence report from NTT Data indicates that ransomware and data-based extortion models have reached a high level of operational maturity. The report highlights how these sophisticated models utilize automation to scale their operations.
Criminal organizations are now employing more complex tactics to pressure their targets. These modern campaigns combine automation with the selective theft of sensitive information to increase impact.
Hackers are also utilizing staged public pressure and reputational exploitation to influence corporate behavior. This approach targets the public image of a company to force a response.
“We are facing a paradigm shift: attacks no longer seek only to disrupt, but to condition decisions, processes, and long-term strategies,” said María Pilar Torres Bruna, cybersecurity leader at NTT Data.
Effective risk management now requires a move toward contextual detection, resilience, and strategic anticipation. Bruna emphasized that companies must prepare for threats that are both persistent and highly adaptive.
Despite the pressure from these groups, experts advise against paying ransoms to recover stolen data. Paying does not provide a guarantee that information will remain secure or be returned to the owner.
Data from CrowdStrike supports this warning. The firm reports that 83% of victims who paid ransoms were subsequently hit by further attacks. Such payments often transform an organization into a recurring target for cybercriminals.
