Nintendo is investigating claims that cybercriminals have stolen nearly a decade’s worth of internal company data and are demanding $2 million to prevent the information from being released online.
The allegations were posted on a cybercrime forum by a threat actor calling itself ShadowByte$, which claims to possess approximately 859MB of data allegedly linked to the Japanese gaming giant. While Nintendo has not confirmed a breach, security researchers who reviewed samples of the leaked files said portions of the data appear to be authentic.
According to the attackers, the stolen information includes employee names, corporate email addresses, internal reports, workforce surveys, planning documents, organizational metrics, and other internal records. Researchers examining the samples said they found employee engagement surveys, workplace feedback submissions, and HR-related data dating back several years.
The threat actor claims the records span from 2016 through 2026, potentially exposing ten years of internal company information. Metadata found within some of the files reportedly indicates that at least part of the dataset was exported in January 2026. Researchers also identified references to individuals who appear to still be employed by Nintendo, lending credibility to portions of the leaked material.
One of the biggest unanswered questions is how the data was obtained. Investigators say there is currently no evidence proving Nintendo’s internal systems were directly compromised. The attackers referenced TinyPulse, an employee engagement and workforce feedback platform used by organizations to collect anonymous employee surveys and workplace insights. As a result, researchers believe the incident may involve a third-party service rather than a direct breach of Nintendo’s infrastructure.
At this stage, there is no indication that customer information, Nintendo account data, payment details, or player information were affected. The leaked samples reviewed so far appear to consist primarily of employee and corporate records.
The incident highlights a growing trend in cybercrime where attackers focus on stealing sensitive corporate information for extortion rather than deploying ransomware to encrypt systems. Internal documents, employee records, strategic planning materials, and workforce data can be valuable bargaining chips for threat actors seeking ransom payments.
ShadowByte$ is a relatively new extortion group that reportedly emerged earlier this year. The group claims it will release the alleged Nintendo data if its demands are not met, although neither the authenticity nor the full scope of the dataset has been independently verified.
Nintendo has not publicly commented on the claims, and the company has not confirmed whether a breach occurred. Until additional evidence emerges or Nintendo releases its findings, the alleged compromise remains unverified.
Site Disclaimer
2-remove-virus.com is not sponsored, owned, affiliated, or linked to malware developers or distributors that are referenced in this article. The article does not promote or endorse any type of malware. We aim at providing useful information that will help computer users to detect and eliminate the unwanted malicious programs from their computers. This can be done manually by following the instructions presented in the article or automatically by implementing the suggested anti-malware tools.
The article is only meant to be used for educational purposes. If you follow the instructions given in the article, you agree to be contracted by the disclaimer. We do not guarantee that the artcile will present you with a solution that removes the malign threats completely. Malware changes constantly, which is why, in some cases, it may be difficult to clean the computer fully by using only the manual removal instructions.