An as-yet-unverified data breach may have affected Nintendo, according to a claim made by hacking group ShadowByt3$.
As reported by Technadu (via, Nintendo Everything), this alleged breach occurred on 13th June, with the group giving Nintendo until 15th June (today) to respond.
ShadowByt3$ claims to have accessed 859MB of Nintendo employee data, including full names of employees, bank statements, employee IDs and reports, analytics, and more.
It is claimed that this data was collected via TINYpulse, a WebMD Health Services HR program designed as an “employee engagement and feedback solution to enhance culture and performance.” Targeting a third-party program used by an institution (rather than Nintendo itself) is a common tactic for ransomware groups.
While this unconfirmed leak is much smaller than the large ‘teraleak’ which affected The Pokémon Company back in 2024 or the earlier ‘gigaleak’, the sensitive nature of the details makes this an extremely serious breach if verified.
We’ve reached out to Nintendo for comment and will update this article if we hear back.