Ransomware Group Alleges To Have Stolen Nintendo's Employee Info
The ransomware group SHADOWBYT3$ claims to have stolen 859MB of Nintendo employee data via the TINYpulse HR platform and is demanding a $2 million ransom. Nintendo has confirmed an issue with third-party service data but insists no customer information was compromised. The breach remains unverified by Nintendo’s official confirmation. Sources agree on the ransom demand and the group’s claim but differ on the scope of affected data.
What changed
No new confirmed details have emerged, but both sources independently corroborate the $2 million ransom demand and SHADOWBYT3$’s claim of stealing Nintendo employee data.
Live updates
-
Ransomware Group SHADOWBYT3$ Demands $2M After Alleged Nintendo Data Theft
confidence 92%The ransomware group SHADOWBYT3$ claims to have stolen 859MB of Nintendo employee data via the TINYpulse HR platform and is demanding a $2 million ransom. Nintendo has confirmed an issue with third-party service data but insists no customer information was compromised. The breach remains unverified by Nintendo’s official confirmation. Sources agree on the ransom demand and the group’s claim but differ on the scope of affected data.
What's confirmed:
- The ransomware group SHADOWBYT3$ has publicly claimed responsibility for a cyberattack on Nintendo, alleging theft of 859MB of employee data from the TINYpulse HR platform.
- SHADOWBYT3$ is demanding a $2 million ransom for the alleged stolen data.
- Nintendo has acknowledged an issue involving a third-party service but states no customer information was accessed.
- The company claims the breach involves limited and outdated HR records, not current employee or financial data.
Still unconfirmed:
- SHADOWBYT3$ claims the breach occurred between June 12 and June 17, 2026, though this timeline has not been confirmed by Nintendo or independent verification.
-
Nintendo Employee Data Breach: ShadowBytes Demands $2M Ransom After Alleged HR Platform Exploit
confidence 88%The ransomware group ShadowBytes claims to have stolen 859MB of Nintendo employee data via the TINYpulse platform and is demanding a $2 million ransom. Nintendo has acknowledged an issue with third-party service data but insists no customer information was accessed. The company states the breach involves limited and outdated HR records. The claim remains unverified by Nintendo’s official confirmation.
What's confirmed:
- The ransomware group ShadowBytes claims to have stolen approximately 859MB of Nintendo employee data, including HR records, through an exploit of the TINYpulse platform.
- ShadowBytes is demanding a $2 million ransom from Nintendo in exchange for the stolen data, threatening to leak it if the payment is not made.
- Nintendo has acknowledged an issue involving a third-party service breach but states no customer data was accessed and that its systems remain secure.
- The stolen data is described as limited and outdated, primarily affecting HR records rather than gaming accounts or customer information.
- Nintendo is working with the affected service provider to address the breach.
Still unconfirmed:
- Nintendo’s official systems were directly hacked during the breach (unconfirmed by Nintendo).
- The breach may have compromised sensitive internal communications or payroll data beyond HR records (no third-party confirmation).
- ShadowBytes has begun leaking sample data to pressure Nintendo into paying the ransom (no verified evidence of leaks).