On June 15, 2026, it was reported that a group that goes by the name ShadowByt3$ may have gained access to Nintendo’s internal communication system and stolen nearly 1GB of data (859MB precisely). The group demanded a $2 million ransom, or they would release the information to the public.
Samples of the leaked data reviewed by Cybernews researchers appeared to be credible. “The sample contains HR data, such as pulse surveys and questionnaires about how employees are feeling at work,” said the researchers.
ALSO READ: Here’s Why Senua Was Part Of Xbox Games Showcase, Even When Ninja Theory Was Facing Closure
Other details contained in the samples published by the bad actors include employee names, corporate email addresses, workforce engagement surveys, internal analytics, organizational performance metrics, planning documentation, and exported reports.
The sample also includes employee engagement surveys and workplace feedback records from 2016, adding credibility to the bad actors’ claim that the stolen data spans ten years through 2026.
Nintendo has now addressed the leak through a statement sent to Kotaku. The Japanese gaming giant acknowledged there was a data problem involving TinyPulse, the platform they use for internal employee surveys in America. However, they assured users that their systems hadn’t been compromised, adding that “no personal customer or financial data” was accessible.
“We are aware of an issue involving TinyPulse, a third-party service used for internal employee surveys at Nintendo of America,” the Switch maker said in the statement sent to Kotaku.
“Nintendo’s systems have not been compromised, and no personal customer or financial data has been accessed. The data involved is limited to internal survey content comprising a small subset of our employees, and most of the information dates back several years.
We appreciate our employees’ willingness to share their perspectives, take all feedback seriously, and take action when needed. We are working with the service provider to address the issue.”
The group demanded for $2 million and set a deadline of June 16. When Nintendo didn’t bulge, they shifted their target to TinyPulse. Some of the allegedly leaked information has surfaced online.
Do you think the data accessed by the bad actors can cause any real damage to Nintendo if released publicly? Share your thoughts in the comment box below.
