Nintendo says customer data remains safe after hackers demand millions over alleged stolen records.
Nintendo is pushing back against ransom claims made by a hacker group that demanded $2 million after allegedly stealing employee survey records from a third-party service used by the company. The issue began after a group calling itself ShadowByt3$ claimed it gained access to an estimated 859 megabytes worth of data connected to Nintendo of America. The stolen files included employee names, email addresses, survey responses, financial paperwork and internal reports generated in the ten-year span between 2016 and 2026. The group threatened to release the information publicly unless Nintendo paid a ransom by June 15.
News of the alleged breach spread quickly across gaming forums and social media, raising concerns about whether customer accounts or payment details had also been exposed. Nintendo of America soon issued a statement addressing the incident, stating the ransom claims were false. The company said that the information came from TinyPulse, a third-party service used for internal employee surveys. Company officials stated their own systems were not breached and that no consumer information or customer financial records were accessed.
The company added that the data involved appears to be limited to survey-related material collected years ago. Nintendo said it is working with TinyPulse to investigate what happened and determine exactly what information may have been exposed.
Nintendo seems to commonly find itself at the heart of the gaming rumor mill, with alleged Nintendo products to come surfacing regularly. Many of these rumors have proven to be false or only half-truths. Most recently, claims circulated online that a new game called Pokémon Winds and Waves could launch in 2027 alongside a new three-dimensional Super Mario title. Nintendo has not yet confirmed either project.
The latest hacking claims come as Nintendo continues to enjoy strong demand for its gaming products. The company recently released a new system update for the Nintendo Switch and Switch 2, adding additional language support and improving features tied to its digital storefront.
Nintendo has dealt with larger security leaks in the past. In 2024, a massive incident, known online as the Teraleak, resulted in more than a terabyte of material from Pokémon developer Game Freak being posted online. The leaked files reportedly included source code, internal documents and information about future projects tied to the Pokémon franchise.
Another wave of leaked material surfaced in 2025, fueling more rumors about future Pokémon games and other projects. Some of the information appeared to be accurate, while other details remained uncertain. Nintendo later adjusted the release plans for its next generation of Pokémon titles. Other major game developers have also found themselves dealing with cyberattacks and ransom claims. Earlier this year, hacker group ShinyHunters reportedly released internal information linked to Rockstar Games, including financial details connected to sales of Grand Theft Auto V.
For Nintendo, the current situation appears far smaller than past security incidents. The company has shown little sign that it intends to negotiate with the hackers’ demands. Instead, attention is turning to the investigation and whether additional information will emerge about the alleged breach. For now, Nintendo maintains that its own systems remain secure.
Sources:
Hacker Group Demands $2 Million from Nintendo
Pokémon Winds and Waves, 3D Super Mario Release Months Leak Online
Join the conversation!