Nintendo of America Confirms Limited Exposure After Alleged TinyPulse Breach
Nintendo of America has acknowledged an issue involving TinyPulse, a third‑party employee survey service, after a hacking group claimed to have leaked internal Nintendo data.
The company — known for hardware such as the Nintendo Switch and services like the Nintendo eShop and periodic Nintendo Direct presentations — said its own systems were not compromised and that customer or financial records were not accessed.
What Nintendo said
In a statement provided to media outlets, Nintendo of America said it is aware of an incident involving TinyPulse and confirmed the exposure appears limited to internal survey content from a small subset of employees.
The company added that most of the affected survey records date back several years, that its internal systems have not been breached, and that no personal customer or financial data was accessed.
Nintendo said it is working with the third‑party service provider to address the issue.
Allegations from ShadowByt3$
The claim originated with hacking group ShadowByt3$, which — according to reporting by TechNadu and aggregators such as Nintendo Everything — said it accessed approximately 859MB of data on June 13, 2026, and issued a deadline for a response by June 15.
The group asserted the data set included employee names, bank statements, employee IDs and internal reports and analytics.
These claims remain unverified by independent forensic review at the time of this report.
Context and precedent
Targeting third‑party HR and vendor platforms is a documented tactic used by criminal groups to access organizational data without breaching a company’s primary infrastructure.
Industry observers compare the scale of this alleged leak to earlier incidents cited in reporting, noting it is smaller than the widely reported 2024 'teraleak' affecting The Pokémon Company but nonetheless sensitive if verified.
Timeline and sources
- Alleged access date: June 13, 2026 (claimed by ShadowByt3$)
- Public deadline set by group: June 15, 2026
- Nintendo of America statement provided June 16, 2026
Initial reporting on the claim appeared on TechNadu and was summarized by Nintendo Everything.
Nintendo of America’s statement confirmed limited exposure related to TinyPulse and emphasized that Nintendo’s systems and customer data were not compromised.
What happens next
Nintendo said it is working with the service provider to resolve the issue.
The company and outside security teams would be the appropriate parties to confirm the scope of any verified exposure; this article will be updated as additional, verified information becomes available.
Nintendo of America has acknowledged an issue involving TinyPulse, a third‑party employee survey service, after a hacking group claimed to have leaked internal Nintendo data.
The company — known for hardware such as the Nintendo Switch and services like the Nintendo eShop and periodic Nintendo Direct presentations — said its own systems were not compromised and that customer or financial records were not accessed.
What Nintendo said
In a statement provided to media outlets, Nintendo of America said it is aware of an incident involving TinyPulse and confirmed the exposure appears limited to internal survey content from a small subset of employees.
The company added that most of the affected survey records date back several years, that its internal systems have not been breached, and that no personal customer or financial data was accessed.
Nintendo said it is working with the third‑party service provider to address the issue.
Allegations from ShadowByt3$
The claim originated with hacking group ShadowByt3$, which — according to reporting by TechNadu and aggregators such as Nintendo Everything — said it accessed approximately 859MB of data on June 13, 2026, and issued a deadline for a response by June 15.
The group asserted the data set included employee names, bank statements, employee IDs and internal reports and analytics.
These claims remain unverified by independent forensic review at the time of this report.
Context and precedent
Targeting third‑party HR and vendor platforms is a documented tactic used by criminal groups to access organizational data without breaching a company’s primary infrastructure.
Industry observers compare the scale of this alleged leak to earlier incidents cited in reporting, noting it is smaller than the widely reported 2024 'teraleak' affecting The Pokémon Company but nonetheless sensitive if verified.
Timeline and sources
- Alleged access date: June 13, 2026 (claimed by ShadowByt3$)
- Public deadline set by group: June 15, 2026
- Nintendo of America statement provided June 16, 2026
Initial reporting on the claim appeared on TechNadu and was summarized by Nintendo Everything.
Nintendo of America’s statement confirmed limited exposure related to TinyPulse and emphasized that Nintendo’s systems and customer data were not compromised.
What happens next
Nintendo said it is working with the service provider to resolve the issue.
The company and outside security teams would be the appropriate parties to confirm the scope of any verified exposure; this article will be updated as additional, verified information becomes available.