SHADOWBYT3$ Claims Cyberattack on Nintendo via TINYpulse HR Platform The extortion-as-a-service (EaaS) group SHADOWBYT3$ has publicly claimed responsibility for a cyberattack targeting Nintendo, alleging the theft of 859 MB of sensitive employee data from the company’s use of the HR engagement platform TINYpulse. The breach, disclosed between June 12–13, 2026, includes a $2 million ransom demand, with threats to leak the data if payment is not received. Unlike typical attacks on gaming infrastructure, SHADOWBYT3$ exploited a third-party SaaS provider TINYpulse to access employee personally identifiable information (PII), financial documents, and internal HR communications. The stolen dataset reportedly includes: - Full employee names, email addresses, and IDs - Bank statement PDFs and W-9 tax forms - Engagement surveys, analytics reports, and progress plans - Private employee sentiment data, including workplace discussions and engagement rankings (2016–2026) The group emphasized that the breach does not impact Nintendo’s gaming operations, affecting only employees who used TINYpulse. After Nintendo declined to engage, SHADOWBYT3$ shifted its demand to TINYpulse, extending the deadline to June 16, 2026, and requesting contact via Telegram or email. Operating under an EaaS model, the group’s strategy mirrors Ransomware-as-a-Service (RaaS), targeting supply chain vulnerabilities to maximize data exposure while minimizing detection risks. As of publication, neither Nintendo nor TINYpulse has confirmed the breach, leaving the incident unverified with an ESIX© severity score of 5.60. The attack highlights a growing trend of threat actors exploiting SaaS integrations to bypass enterprise defenses.

Nintendo Hit by Ransomware Attack Targeting Employee Data via Third-Party Vendor Nintendo recently fell victim to a cyberattack by the hacking group ShadowByt3$, which threatened to leak stolen employee data unless a $2 million ransom was paid within two days. The breach, detected on June 13, originated through TinyPulse, a third-party HR platform used by Nintendo of America for employee feedback and performance analytics. The attackers claimed to have exfiltrated 859 MB of sensitive data, including names, surveys, bank statements, tax forms, and other internal documents. Initially, ShadowByt3$ demanded payment by June 15 to prevent the release of the information. When no ransom was paid, the group escalated its threats on June 14, extending the deadline to June 16 and targeting TinyPulse directly a tactic known as triple extortion, where attackers pressure multiple parties connected to the victim. Nintendo confirmed the incident in a June 15 statement, clarifying that its own systems remained uncompromised and that no customer or financial data was accessed. The exposed information was limited to internal survey content from a small subset of employees, much of it dating back several years. The company is working with TinyPulse to address the breach. As of June 17, no further threats or negotiations have been reported, though investigations into the breach’s full impact are ongoing. Nintendo of America, headquartered in Redmond, Washington, operates as the North and South American arm of the Kyoto-based company, founded in 1889.

Nintendo, a leading Japanese multinational video game and entertainment company, confirmed a significant data breach after a hacker group claimed unauthorized access to its internal network. The threat actors allegedly exfiltrated confidential corporate data, though the exact scope of the stolen information—such as employee records, proprietary game development details, financial documents, or customer-related data—was not publicly disclosed. The breach raises concerns over potential intellectual property theft, operational disruptions, or reputational damage, given Nintendo’s high-profile status in the gaming industry. While the company acknowledged the incident, it did not specify whether the attack involved ransomware, targeted vulnerabilities, or a direct cyber assault. The breach underscores the growing risks faced by global enterprises in safeguarding sensitive internal data from increasingly sophisticated cyber threats.

Nintendo confirmed a breach by the hacking group Crimson Collective, who accessed some of its external web servers. The company clarified that no sensitive data—such as development, business, personal, or payment information—was compromised. The breach was limited to public-facing systems, with no impact on user data or internal game assets. The attackers posted alleged proof online, including folders and files from the intrusion, but Nintendo affirmed that the incident did not expose critical or confidential information. The group is known for similar attacks, including a claimed breach of Red Hat, where they exfiltrated 570 GB of data. Their modus operandi involves breaching systems, stealing data, and attempting blackmail. Nintendo has historically pursued legal action against hackers, as seen in the 2024 Teraleak incident involving Game Freak’s Pokémon data. Users were advised to enable 2FA, update passwords, and avoid phishing attempts, though no direct harm to accounts was reported.

Cyberattacks Target Major Video Game Studios, Exposing Source Code and Internal Data In a wave of recent cyber incidents, leading video game companies including Capcom, Ubisoft, and Crytek have fallen victim to ransomware attacks and data breaches, raising concerns over the security of intellectual property in the gaming industry. Capcom, the Japanese developer behind franchises like Resident Evil and Street Fighter, confirmed a cyberattack on its systems earlier this week. The breach, attributed to the Ragnar Locker ransomware group, disrupted internal networks, including email and file servers. While the company stated there was no evidence of customer data being accessed, it did not disclose whether source code or other sensitive materials were stolen. The attack follows a pattern of recent breaches in the industry, though experts see no evidence of a coordinated campaign. Meanwhile, Ubisoft is investigating claims that hackers stole source code for Watch Dogs: Legion, with reports suggesting the data was leaked online. The company acknowledged a potential security incident after internal network issues surfaced but has not confirmed the extent of the breach. Similarly, Crytek known for the Crysis series was also targeted by the same hacking group, raising fears that proprietary game code could be sold or distributed illegally. The attacks come amid a broader trend of cyber threats against gaming companies, including previous leaks from Nintendo. While no major disruptions to gameplay or official services have been reported, the incidents highlight vulnerabilities in an industry increasingly targeted for its valuable digital assets. The long-term impact may include unauthorized game modifications, knockoff releases, or the exploitation of stolen development materials. As investigations continue, the gaming sector remains on alert for further disclosures of compromised data.

Video gaming firm Nintendo warned its customers to not reuse passwords on different services after releasing an increased tally of compromised accounts. Back in April the firm first reported that it had identified 160,000 compromised accounts. Now, in an update, following an investigation by the firm, Nintendo revealed that it was adding an extra 160,000 – bringing the total to 300,000. The hackers were able to gain access to the accounts because they used the simple technique of using credentials that had previously been exposed through other data breaches. Whoever compromised the Nintendo Network ID (NNID) accounts would have been able to access personal information such as email addresses, genders, nicknames, regions or countries, and dates of birth, but not customers’ payment card details.

Nintendo Confirms Data Breach via Third-Party Service, Employee Information Exposed Nintendo has disclosed a data breach involving employee information after the extortion group ShadowByt3$ claimed to have compromised its systems. The company clarified that its own servers remained secure, but a vulnerability in TinyPulse, a third-party employee survey platform, led to the exposure. The hackers demanded a $2 million ransom to prevent the release of sensitive data, including names, email addresses, bank records, survey responses, performance evaluations, and details on top-performing staff. While Nintendo confirmed no customer or financial data was accessed, the leaked information primarily older survey content could still pose risks. Unlike previous high-profile breaches, such as the 2020 Gigaleak or Teraleak incidents, this incident does not involve game development assets or intellectual property. Nintendo stated it does not intend to negotiate with the extortion group and expects the data to be published online. The company is working with TinyPulse to address the issue. The breach follows past criticism of Nintendo of America’s handling of temporary worker contracts, raising concerns about potential internal disclosures in the leaked survey data. No further details on the extent of the exposure have been released.