Featured Image Credit: Bloomberg / Contributor via Getty
Nintendo was recently targeted by a data breach threat from 'extortion as a service group', ShadowByt3$, with the legendary games developer issuing a statement in response after being threatened with a $2 million ransom.
It's not unusual for big companies to be impacted by data breaches as hackers can easily see the value in sensitive and often confidential information, and Nintendo isn't the first to be targeted and certainly won't be the last.
This recent threat, exposed by ShadowByt3$ on their own website on June 12, gave the studio behind gaming icons such as Mario and Zelda just 48 hours to respond, putting a hefty price on the information leaving many to wonder whether Nintendo would be willing to pay.
That deadline has passed, however, and Nintendo has seemingly refused to cooperate, revealing the reasoning behind this decision despite to potential consequences as ShadowByt3$ now seemingly moves on to another target.
As reported by Kotaku, the data obtained by ShadowByt3$ from Nintendo amounted to 859 megabytes, and while this might not sound like much it appeared to expose a lot of potentially confidential information that Nintendo would understandably want to keep under wraps.
Advert
Listed in ShadowByt3$'s dossier was the full name and email addresses of Nintendo employees, various analytics, surveys, and reports from Nintendo's internal workplaces, alongside bank statements including payment PDFs, W9 forms, and employee IDs.
The breach, which appeared to be triggered through employee engagement and feedback tool TINYpulse, also appeared to expose "conversations and personal feelings about work" at Nintendo, alongside a list of the company's 'top employees'.
One user on X that appeared to access the alleged leak saw information suggesting that Nintendo implemented Microsoft's Copilot AI tools into the workplace, which was seemingly an unpopular decision amongst employees.
"I don't think we're considering the negatives of relying too heavily on AI," one employee allegedly wrote, with another outlining their worries about "the push for the Copilot AI tool."
Following its decision to not cooperate with the ransom request issued by ShadowByt3$, Nintendo released a statement to Kotaku indicating the following:
"We are aware of an issue involving TINYpulse, a third-party service used for internal employee surveys at Nintendo of America. Nintendo's systems have not been compromised, and no personal customer or financial data has been accessed.
"The data involved is limited to internal survey content compromising a small subset of our employees, and most of the information dates back several years," the statement continued.
"We appreciate our employees' willingness to share their perspectives, take all feedback seriously, and take actions when needed. We are working with the service provider to address the issue."
It's understandable then that Nintendo was reluctant to pay such a large sum of money for information that it deems to be relatively inconsequential, and there's thankfully nothing to worry about when it comes to any consumer data being leaked.
