Headquarters of Nintendo in Kyoto
A major cyber extortion claim has targeted Nintendo after hackers alleged they stole internal company data and demanded a $2 million ransom. Tokumeigakarinoaoshima | Wikimedia Commons

A hacking group has threatened to release up to 10 years of allegedly stolen internal data from Nintendo unless the Japanese video game giant pays a $2 million ransom, in what researchers say could represent a significant corporate cyber extortion attempt.

The hackers, who call themselves ShadowByte$, claimed in an online forum that they had accessed sensitive company material spanning a decade of operations, warning Nintendo to respond within a strict deadline or risk the information being leaked publicly.

The group first issued its demands on 12 June via its official leak site, alongside a post outlining the alleged breach and a demand for urgent action from the company.

'You have 48 hours to contact us Nintendo or all data gets leaked,' the statement read. 'If you contact us we give you an extra day to think this through. We are demanding a ransom payment of 2 million dollars.'

Verification of Leaked Data Underway

As of this writing, the authenticity and scope of the internal records allegedly accessed by the threat actor remain unconfirmed. However, according to researchers who examined leaked samples, the data may have included employee names, email addresses, HR surveys, workplace feedback, organisational performance metrics, internal reports, and planning documentation, according to Cybernews.

It was also added by researchers that the data stolen appears to go back as far as 2016. As for the metadata, these appear to have been created on 28 January.

The authenticity of the stolen data remains unverified. However, researchers noted that there were some names in the files who are allegedly still employed with the video game company.

Second Extortion Demand Issued

Regardless, the group issued a second notice on 14 June on an open-source intelligence platform. In that post, the group claimed that they had moved onto TinyPulse, the employee feedback platform that was allegedly breached. They added that this was a response after Nintendo decided not to pay the ransom.

'You have until 16 June 2026 to contact us via Telegram or email that we have sent you,' the statement read. 'Nintendo decided not to pay so we are demanding that TinyPulse pay or all data will be leaked, including private messages of Nintendo employees. Not all employees are happy, we can tell you that. Private messages are about to not become private if TinyPulse doesn't reach an agreement with us,' it continued.

Nintendo Issues Official Statement on Breach

After reports of the breach emerged, Nintendo issued an official statement addressing the matter. They confirmed that there had been an incident involving a third-party service. However, they clarified that the intrusion affected data that was limited to internal survey content involving a small subset of employees.

Nintendo added that most of the information stolen dates back several years. They further stated that their internal systems were not affected and that employees based in North America were not involved.

'We are aware of an issue involving TinyPulse, a third-party service used for internal employee surveys at Nintendo of America. Nintendo's systems have not been compromised, and no personal customer or financial data has been accessed,' an official statement from Nintendo read via Kotaku.

Potential Impact Remains Unclear

It remains unclear whether the breach could have implications for yet-to-be-released Nintendo projects. If reports are accurate that the hack only involved internal survey data and a small group of employees, the likelihood of sensitive product information being exposed would appear limited.

However, the situation could change if those surveys contained details provided by employees about upcoming Nintendo games or internal development projects. For now, that remains unknown.

If the breach is limited to internal employee information, whether involving current or former staff, the overall impact on the Japanese video game company may be limited. However, the situation remains under review as further verification continues.

Writer's pick