Atlas Menu Breach: 64K Accounts Exposed (2026)

Overview

In May 2026, the cheat service provider Atlas Menu, which sells aimbots and wallhacks for GTA V and CS2, suffered a catastrophic data breach. An attacker gained full access to Atlas Menu’s systems and dumped the entire database to a public GitHub repository. The leak exposed 63,926 unique accounts, including email addresses, usernames, IP addresses, support tickets, and password hashes. The breach was reported to Have I Been Pwned (HIBP), and affected users can check their exposure at haveibeenpwned.com.

What Was Exposed

The exposed data includes:

• Email addresses – 64K unique accounts, vulnerable to phishing and spam campaigns.
• Usernames – Often reused across other services, aiding credential-stuffing attacks.
• IP addresses – Reveals users’ general geographic location and could be used for targeted attacks or doxxing.
• Support tickets – May contain personal information, payment details, or sensitive correspondence.
• Passwords – Stored as bcrypt hashes, a strong but not invulnerable algorithm. A dedicated attacker with significant computing resources could crack weak or common passwords.

Risks Beyond the Game

While Atlas Menu users may assume this breach only affects in-game cheating, the exposed data creates serious real-world risks. Credential reuse is the primary threat: if you used the same password on Atlas Menu as your email, bank, or social media accounts, attackers can cross-reference the leaked hashes (or cracked plaintext versions) against other services. The IP addresses and support tickets add doxxing and social engineering avenues. Users involved in cheating services should also be aware that support tickets may discuss in-game activities, which could attract scrutiny from game developers like Rockstar or Valve.

How to Check If You’re Affected

Visit Have I Been Pwned and enter the email address you used with Atlas Menu. The site will confirm if your account was in the breach. If you use a password manager, check your Atlas Menu entry for a breach alert - many managers now integrate with HIBP.

What to Do Right Now

1. Change your Atlas Menu password immediately - even though passwords are hashed, assume they will be cracked. Create a strong, unique password.
2. Change passwords on any other accounts where you reused the Atlas Menu password. Prioritize email, banking, and social media accounts.
3. Enable two-factor authentication (2FA) on all accounts that support it, especially your email provider.
4. Watch for phishing emails. Attackers may use your email address and support ticket details to craft convincing scams. Do not click links in unsolicited messages.
5. Monitor your credit and financial accounts if you provided payment information in support tickets.

Security Insight

This breach exposes a harsh reality for gray-market services: they prioritize functionality over security. Atlas Menu’s decision to store passwords as bcrypt hashes is a technical positive, but the full database dump - including support tickets - indicates a lack of network segmentation and access controls. For users, the takeaway is clear: never trust a service that operates in a legal gray area with your personal credentials. Assume any account tied to questionable activities will eventually be compromised.

Further Reading

• All Critical Breaches
• Recent Data Breaches