Attackers are changing their economics, and for some time now, predictions have been circulating that supply chains would become the dominant attack model for cyber criminals. What we’re seeing now is those predictions materialising, and quickly. 

The Rockstar Games breach didn’t just make headlines because of who was targeted; it struck a nerve because of how it happened. This wasn’t brute force. This wasn’t opportunistic. This was smart, calculated, and reflective of a much bigger shift already underway. 

With over 25 years dedicated to pioneering the nascent field of cyber security, Acora’s Group CISO and CTO Partner, Darren Humphries, has shared his thoughts on what this means and why businesses need to pay attention now. 

A Web of Potential Pathways 

Why attack a well-defended enterprise head-on when you can compromise a weaker link in its ecosystem and gain indirect access? It’s a more efficient route in, with a higher likelihood of success. From an attacker’s perspective, it’s just better ROI. 

The Rockstar breach is a textbook example of this thinking in action. Rather than trying to break through hardened infrastructure, the attacker reportedly exploited access via a third-party or social engineering route, targeting identity and trust, not just technology. That’s a critical distinction. 

This is what makes supply chain attacks so powerful. Organisations don’t operate in silos anymore; they rely on a web of partners, platforms, contractors, and service providers. Each connection expands the attack surface. Each integration introduces another potential pathway. 

They Aren’t Breaking In, They’re Logging In 

What’s changed is the scale and maturity of how attackers exploit this. We’re not just seeing opportunistic compromises; we’re seeing deliberate targeting of ecosystems. Threat actors are mapping relationships, identifying dependencies, and strategically selecting the weakest point in the chain. 

And importantly, identity has become the new battleground. It’s no longer about “breaking in”; it’s about “logging in.” If an attacker can compromise credentials, session tokens, or privileged access through a trusted third party, traditional security controls can be bypassed entirely.

This is where many organisations are exposed. Security strategies are often still centred around protecting core infrastructure, but visibility and control across the extended supply chain, where trust is assumed rather than verified, can be limited. 

The organisations that will be most resilient in this new landscape are the ones that rethink trust entirely. Zero Trust principles aren’t theoretical anymore; they are essential. Continuous verification, strict access controls, and real-time monitoring of third-party interactions are no longer “nice to have”; they’re foundational. 

The question is no longer if your supply chain will be targeted, but when, and how prepared you are to detect and respond when it happens.

A Shift in Attack Strategy 

The takeaway from Rockstar isn’t just about a single breach; it’s about a shift in attacker strategy that’s already reshaping the threat landscape. Supply chain risk is no longer a secondary consideration; it’s central to modern cyber defence.

At Acora, we’re helping organisations get ahead of this shift, strengthening visibility across their ecosystems, tightening identity controls, and building security strategies that reflect how attacks actually happen today. 

Resilience isn’t just about protecting what’s inside your walls; it’s about understanding everything connected to them. 

About Darren Humphries 

Darren Humphries is the accomplished Chief Information Security Officer (CISO) and CTO Partner at Acora, whose profound contributions have significantly shaped the cyber security landscape. With a distinguished career spanning Fortune 100 Cyber Security suppliers, he has orchestrated the development of Gartner-evaluated services, conducted strategic evaluations for investment, and fortified the security portfolios of global enterprises. 

Darren’s journey ignited during the early internet era and saw him pioneering the nascent field of cyber security through relentless self-learning after coming from a military background. As Acora’s CISO, he exemplifies adaptable leadership, prioritising results, processes, and alignment with organisational culture. 

Engaging in leading-edge cyber security dialogues, he offers valuable insights on AI and quantum threats whilst contributing to shaping future cyber concerns through think tanks.