Play Games
1 hour ago
10
Nintendo has downplayed an employee data breach that a hacker group is threatening to release unless the company pays a $2 million ransom.
At the weekend, a self-proclaimed “extortion as a service group” known as ShadowBytes threatened to leak private Nintendo employee data, which it claimed included lists of e-mails, names, bank statements, and private conversations.
The data is said to have been sourced from an employee feedback platform known as TinyPulse, which the hacker group also threatened after Nintendo allegedly “decided not to pay” it.
“Nintendo decided to not pay so we are demanding that Tinypulse pay or all data will be leaked including private messages of Nintendo employees and not all employees are happy we can tell you that,” the group said. “Private messages are about to not become private if Tinypulse doesn’t reach an agreement with us.”
🚨Cyber Alert ‼️
🇯🇵Japan - 𝗡𝗶𝗻𝘁𝗲𝗻𝗱𝗼
SHADOWBYT3$ claims to have breached Nintendo, allegedly stealing approximately 859 MB of data from TINYpulse systems. The claimed dataset includes employee names, email addresses, surveys, analytics reports, bank statement PDFs, W-9… pic.twitter.com/ElrsrKesjq
However, in a statement, Nintendo of America sought to downplay the alleged data breach, claiming that the data breach was limited and old.
“We are aware of an issue involving TinyPulse, a third-party service used for internal employee surveys at Nintendo of America,” reads a statement provided to Kotaku by the company.
“Nintendo’s systems have not been compromised, and no personal customer or financial data has been accessed. The data involved is limited to internal survey content comprising a small subset of our employees, and most of the information dates back several years.
“We appreciate our employees’ willingness to share their perspectives, take all feedback seriously, and take action when needed,” continues the statement. “We are working with the service provider to address the issue.”
