Nintendo confirms data stolen in WebMD subsidiary cyberattack
Nintendo of America confirmed that survey data from the third-party TinyPulse service used internally was stolen by threat actors. Nintendo's own systems were not compromised, and no customer or financial data was accessed. The stolen data reportedly includes internal employee survey content and possibly personal employee details dating back several years. The threat actor group Shadowbyt3$ claimed responsibility, demanding a $2 million ransom and threatening to leak more data. Nintendo is working with TinyPulse to address the issue. There is no indication that Nintendo gaming systems or customer data were affected.
AI Analysis
Technical Summary
A cyberattack targeting TinyPulse, a third-party employee engagement platform used by Nintendo of America, resulted in the theft of internal survey data and potentially employee personal information. Nintendo confirmed that its own systems were not compromised and that no customer or financial data was accessed. The extortion group Shadowbyt3$ claimed to have exfiltrated approximately 1GB of data, including employee names, emails, bank statements, and W-9 forms, and demanded a ransom. Nintendo is collaborating with the service provider to mitigate the issue. The attack is limited to internal employee data and does not affect Nintendo's gaming operations or customer information.
Potential Impact
The breach exposed internal employee survey data and possibly sensitive personal employee information such as names, email addresses, bank statements, and tax forms. No customer or financial data from Nintendo systems was compromised. The incident poses a risk to affected employees' privacy and may lead to extortion or identity theft attempts. Nintendo's operational systems and customer data remain secure and unaffected.
Mitigation Recommendations
Nintendo is working with the TinyPulse service provider to address and remediate the breach. Since Nintendo's own systems were not compromised and customer data was not accessed, no direct action is required from customers or account holders. Organizations using third-party services should review their vendor security posture and monitor for any further disclosures or ransom demands. Law enforcement advises against paying ransoms as it encourages further attacks and does not guarantee data deletion.
Nintendo confirms data stolen in WebMD subsidiary cyberattack
Description
Nintendo of America confirmed that survey data from the third-party TinyPulse service used internally was stolen by threat actors. Nintendo's own systems were not compromised, and no customer or financial data was accessed. The stolen data reportedly includes internal employee survey content and possibly personal employee details dating back several years. The threat actor group Shadowbyt3$ claimed responsibility, demanding a $2 million ransom and threatening to leak more data. Nintendo is working with TinyPulse to address the issue. There is no indication that Nintendo gaming systems or customer data were affected.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
A cyberattack targeting TinyPulse, a third-party employee engagement platform used by Nintendo of America, resulted in the theft of internal survey data and potentially employee personal information. Nintendo confirmed that its own systems were not compromised and that no customer or financial data was accessed. The extortion group Shadowbyt3$ claimed to have exfiltrated approximately 1GB of data, including employee names, emails, bank statements, and W-9 forms, and demanded a ransom. Nintendo is collaborating with the service provider to mitigate the issue. The attack is limited to internal employee data and does not affect Nintendo's gaming operations or customer information.
Potential Impact
The breach exposed internal employee survey data and possibly sensitive personal employee information such as names, email addresses, bank statements, and tax forms. No customer or financial data from Nintendo systems was compromised. The incident poses a risk to affected employees' privacy and may lead to extortion or identity theft attempts. Nintendo's operational systems and customer data remain secure and unaffected.
Mitigation Recommendations
Nintendo is working with the TinyPulse service provider to address and remediate the breach. Since Nintendo's own systems were not compromised and customer data was not accessed, no direct action is required from customers or account holders. Organizations using third-party services should review their vendor security posture and monitor for any further disclosures or ransom demands. Law enforcement advises against paying ransoms as it encourages further attacks and does not guarantee data deletion.
Technical Details
- Article Source
- {"url":"https://www.bleepingcomputer.com/news/security/nintendo-confirms-data-stolen-in-webmd-subsidiary-cyberattack/","fetched":true,"fetchedAt":"2026-06-18T18:37:06.458Z","wordCount":859}
Threat ID: 6a343ad2f198dc38c14a1f83
Added to database: 6/18/2026, 6:37:06 PM
Last enriched: 6/18/2026, 6:37:14 PM
Last updated: 6/18/2026, 6:37:43 PM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.