Nintendo America Employee Data Exposed After Shadowbyt3$ Targets TinyPulse
Nintendo America employee data exposed after Shadowbyt3$ targets TinyPulse.
Summary
Nintendo America confirmed a data breach impacting its employees after the Shadowbyt3$ extortion group claimed to have stolen sensitive HR and financial information from TinyPulse, a third-party HR platform. The attackers accessed TinyPulse's cloud environment, not Nintendo's network directly, and are leaking data samples after Nintendo refused to pay a ransom.
Full text
Data Breaches Cyber Attacks Cyber Crime SecurityNintendo America Employee Data Exposed After Shadowbyt3$ Targets TinyPulse Nintendo America employee records were exposed via TinyPulse after Shadowbyt3 claimed theft of HR files, tax forms, bank data, and staff survey responses. byDeeba AhmedJune 19, 20262 minute read A third-party human resources platform called TinyPulse has become the victim of a supply-chain attack that resulted in the exfiltration of records belonging to Nintendo of America employees. The breach was confirmed by Nintendo following claims from the notorious Shadowbyt3 extortion group. The attackers, reportedly, didn’t compromise Nintendo’s own network perimeter, but accessed the cloud environment of TinyPulse. For your information, this is an employee survey, feedback, and workforce analytics platform owned by WebMD Health Services. Since TinyPulse aggregates workforce metrics and personnel details of its client base, the infrastructure contained a large volume of identifiable employee data. Alert from VenariX Cyber Feeds on Telegram after SHADOWBYT3$ claims Breach Details and Attribution Shadowbyt3$, which emerged in October 2025 and operates as an extortion-as-a-service group, published this claim in the attack on 12 June 2026, and demanded a ransom payment of 2 million USD from Nintendo to prevent public data exposure. The group gave a 48-hour deadline to Nintendo for ransom payment, but the gaming giant declined to negotiate with them. Following Nintendo’s refusal, Shadowbyt3$ shifted its financial demands directly to TinyPulse, setting a secondary deadline of 16 June. When this deadline passed without payment, they started leaking data samples onto their dark web platform. Shadowbyt3$ claims to have stolen an 859-megabyte dataset comprising records from 2016 to early 2026, whereas according to Nintendo’s official statement, the exposed data is limited to a small subset of internal employee survey responses from previous years. Hackers still allege the files contain: Bank statement PDFs Employee names and corporate email addresses W-9 tax forms containing employee identification numbers Private messages and internal chat logs between staff members Workforce progress plans and human resources analytics reports Security experts have reviewed the published sample files and verified that multiple named individuals are active Nintendo of America employees. Screenshot from SHADOWBYT3$’s dark web leak site Ongoing Security Risks for Corporate Personnel The exposure of W-9 tax documents and financial records introduces long-term identity theft risks because hackers routinely use this information to file fraudulent tax returns and divert financial refunds. Along with that, the exfiltrated banking details can help scammers to create targeted phishing emails using accurate corporate details to manipulate victims. However, since TinyPulse operates a multi-tenant software architecture serving hundreds of corporate clients, other businesses using the platform may face similar data exposure risks. Nintendo confirmed that the scope of the incident is restricted to Nintendo of America personnel. It is still recommended that any employee who uses the TinyPulse platform must implement credit freezes with reliable credit bureaus like Equifax, Experian, and TransUnion. They must also carefully monitor their tax filings for unauthorized changes. Deeba Ahmed Deeba is a veteran cybersecurity reporter at Hackread.com with over a decade of experience covering cybercrime, vulnerabilities, and security events. Her expertise and in-depth analysis make her a key contributor to the platform’s trusted coverage. View Posts Cyber AttackCyber CrimeCybersecuritydata breachgamingNintendoShadowbyt3$TinyPulse Leave a Reply Cancel reply View Comments (0) Related Posts News Google News Security unCAPTCHA algorithm can Crack Google’s AI System reCAPTCHA A new algorithm called unCAPTCHA has been developed by researchers from the University of Maryland. It can defeat… byWaqas Security Leaks 9,517 unsecured databases identified with 10 billion records globally According to the NordPass password manager, there are more than nine... byZara Khan Read More Security The Rising Threat of API Attacks: How to Secure Your APIs in 2025 API attacks are constantly on the rise, with a recent alarming study showing that 59% of organizations give… byWaqas Security New Bug Lets You Crush Anyone’s WhatsApp with 4000 Smileys Do you know crashing Whatsapp desktop or mobile version doesn’t require advanced hacking skills or machinery, what you… byCarolina
Indicators of Compromise
- malware — Shadowbyt3$