Nintendo Data Breach: Hacker Claims Stealing Approximately 860 MB via TINYpulse Systems

Summarize with:

ChatGPT Claude.ai Google AI Grok Perplexity

Add as preferred source on Google

A threat actor using the handle SHADOWBYT3$ claims to have breached Nintendo, allegedly stealing approximately 859 MB of data sourced from TINYpulse systems. The claim, observed on June 13, 2026, has not been confirmed and remains to be verification.

Did Nintendo have a security breach?

According to the hacker’s claim, the Nintendo dataset pulled from TINYpulse systems contains a broad mix of employee information. The listed data includes:

• employee names, 
• email addresses, 
• surveys, 
• analytics reports, 
• bank statement PDFs, 
• W-9 forms, 
• workplace feedback, 
• employee progress records.

TINYpulse is associated with employee engagement and workplace feedback functions, which aligns with the survey and feedback records described in the claimed dataset. If accurate, the exposure would combine sensitive personal and financial details, such as bank statements and W-9 tax forms, with internal workplace analytics.

Claim Remains Unverified

Nintendo operates in the gaming sector, and the alleged dataset points specifically at internal employee records rather than customer or player data, based on the details provided.

At this stage, the data breach is a claim attributed to SHADOWBYT3$ and has not been independently confirmed, and no validated details beyond the actor's assertions are available. 

In April 2025, Nintendo targeted game streamer EveryGameGuru in an anti-piracy lawsuit, making the streamer pay $17,500 in damages six months later.

In early June, WeedHack malware infected 116,000+ Minecraft systems via fake mods, and an alleged Rockstar Games data breach leaked analytics via a prior Anodot security incident in April.

Related

ShinyHunters Publishes Infinite Campus Data in Extortion Campaign Linked to Salesforce, 137,000+ Emails Exposed

Cyber Job Moves: From Boardroom Shifts to AI Security Bets, Cyber Firms Reshape Leadership | Week of June 14-20

Weekly Cybersecurity Roundup: Major Law Enforcement Takedowns, University Breaches, Deepfake Victims, and Romance Lures

Hacktivist Groups 4BID, Hakerskii Kit, and C.A.S. Broaden Attack Geography, Report Says

WhatsApp Disrupts New NSO Group Spyware Campaign, Files Contempt Order

New PyPI Wave in Mini Shai-Hulud, Miasma, and Hades Campaign: 23 New Malicious PyPI Artifacts

Your Weekly Cybersecurity Briefing

Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.

Subscribe for Free

Please enter a valid email address.

Most Popular

ShinyHunters Publishes Infinite Campus Data in Extortion Campaign Linked to Salesforce, 137,000+ Emails Exposed

Cyber Job Moves: From Boardroom Shifts to AI Security Bets, Cyber Firms Reshape Leadership | Week of June 14-20

Weekly Cybersecurity Roundup: Major Law Enforcement Takedowns, University Breaches, Deepfake Victims, and Romance Lures

Supply Chain Incidents Reveal the True State of Incident Response as Security, IT, and OT Teams Struggle to Assign Accountability 

ExpressAI Adds Google's Gemma 4 31B Model, Bringing Video Analysis to Pro Users

How Microsoft Copilot Studio Creator Permissions Expand the Blast Radius of Prompt Injection Attacks

ShinyHunters Publishes Infinite Campus Data in Extortion Campaign Linked to Salesforce, 137,000+ Emails Exposed

Cyber Job Moves: From Boardroom Shifts to AI Security Bets, Cyber Firms Reshape Leadership | Week of June 14-20

Weekly Cybersecurity Roundup: Major Law Enforcement Takedowns, University Breaches, Deepfake Victims, and Romance Lures

Supply Chain Incidents Reveal the True State of Incident Response as Security, IT, and OT Teams Struggle to Assign Accountability 

ExpressAI Adds Google's Gemma 4 31B Model, Bringing Video Analysis to Pro Users

How Microsoft Copilot Studio Creator Permissions Expand the Blast Radius of Prompt Injection Attacks