Nintendo Hit by Ransomware Attack Targeting Employee Data via Third-Party Vendor
Nintendo recently fell victim to a cyberattack by the hacking group ShadowByt3$, which threatened to leak stolen employee data unless a $2 million ransom was paid within two days. The breach, detected on June 13, originated through TinyPulse, a third-party HR platform used by Nintendo of America for employee feedback and performance analytics.
The attackers claimed to have exfiltrated 859 MB of sensitive data, including names, surveys, bank statements, tax forms, and other internal documents. Initially, ShadowByt3$ demanded payment by June 15 to prevent the release of the information. When no ransom was paid, the group escalated its threats on June 14, extending the deadline to June 16 and targeting TinyPulse directly, a tactic known as triple extortion, where attackers pressure multiple parties connected to the victim.
Nintendo confirmed the incident in a June 15 statement, clarifying that its own systems remained uncompromised and that no customer or financial data was accessed. The exposed information was limited to internal survey content from a small subset of employees, much of it dating back several years. The company is working with TinyPulse to address the breach.
As of June 17, no further threats or negotiations have been reported, though investigations into the breach’s full impact are ongoing. Nintendo of America, headquartered in Redmond, Washington, operates as the North and South American arm of the Kyoto-based company, founded in 1889.
Source: https://www.aol.com/articles/nintendo-third-party-program-hit-164042883.html
Nintendo cybersecurity rating report: https://www.rankiteo.com/company/nintendo
WebMD Health Services cybersecurity rating report: https://www.rankiteo.com/company/webmd-health-services
"id": "NINWEB1781720981",
"linkid": "nintendo, webmd-health-services",
"type": "Ransomware",
"date": "6/2026",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': '0 (no customer data '
                                              'compromised)',
                        'industry': 'Video Games',
                        'location': 'Redmond, Washington, USA',
                        'name': 'Nintendo of America',
                        'type': 'Subsidiary'}],
 'attack_vector': 'Third-party vendor (TinyPulse HR platform)',
 'customer_advisories': 'Statement clarifying no customer data was compromised',
 'data_breach': {'data_exfiltration': 'Yes (859 MB exfiltrated)',
                 'personally_identifiable_information': 'Yes (names, bank '
                                                        'statements, tax '
                                                        'forms)',
                 'sensitivity_of_data': 'High (employee personal and financial '
                                        'information)',
                 'type_of_data_compromised': ['Employee PII',
                                              'Internal surveys',
                                              'Bank statements',
                                              'Tax forms']},
 'date_detected': '2024-06-13',
 'date_publicly_disclosed': '2024-06-15',
 'description': 'Nintendo recently fell victim to a cyberattack by the hacking '
                'group *ShadowByt3$*, which threatened to leak stolen employee '
                'data unless a $2 million ransom was paid within two days. The '
                'breach originated through TinyPulse, a third-party HR '
                'platform used by Nintendo of America for employee feedback '
                'and performance analytics. The attackers claimed to have '
                'exfiltrated 859 MB of sensitive data, including names, '
                'surveys, bank statements, tax forms, and other internal '
                'documents. Nintendo confirmed the incident, clarifying that '
                'its own systems remained uncompromised and that no customer '
                'or financial data was accessed.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
                                       'employee data exposure',
            'data_compromised': '859 MB of sensitive data (names, surveys, '
                                'bank statements, tax forms, internal '
                                'documents)',
            'identity_theft_risk': 'High (employee PII exposed)',
            'operational_impact': 'Investigation and remediation efforts with '
                                  'TinyPulse',
            'systems_affected': 'TinyPulse HR platform'},
 'initial_access_broker': {'entry_point': 'TinyPulse HR platform'},
 'investigation_status': 'Ongoing',
 'motivation': 'Financial gain (ransom)',
 'post_incident_analysis': {'root_causes': 'Third-party vendor vulnerability '
                                           '(TinyPulse)'},
 'ransomware': {'data_exfiltration': 'Yes',
                'ransom_demanded': '$2,000,000',
                'ransom_paid': 'No'},
 'references': [{'source': 'Cyber incident report'}],
 'response': {'communication_strategy': 'Public statement on June 15',
              'third_party_assistance': 'Collaboration with TinyPulse'},
 'threat_actor': 'ShadowByt3$',
 'title': 'Nintendo Hit by Ransomware Attack Targeting Employee Data via '
          'Third-Party Vendor',
 'type': 'Ransomware'}