Intro
On June 13, 2026, an online claim emerged alleging that a threat actor using the handle SHADOWBYT3$ had obtained roughly 859MB of data from systems tied to TINYpulse, a platform associated with employee surveys and workplace feedback.
The assertion specifically links the dataset to employee information at Nintendo.
As of publication, the claim has not been independently verified by Nintendo or major cybersecurity authorities.
What the report says
The posted claim lists the types of data said to be included in the 859MB archive: employee names and email addresses, survey responses, analytics reports, bank statement PDFs, W-9 tax forms, workplace feedback, and employee progress records.
These categories, if authentic, would include both personal and financial documents alongside internal HR analytics.
Rewriting the notable technical assessment
Technology outlet Technadu noted that TINYpulse provides employee engagement and workplace feedback tools, which corresponds with the survey and feedback records described in the claimed dataset.
Technadu added that, if the claim is accurate, the dataset would unite sensitive personal and financial documents—such as bank statements and W-9 tax forms—with internal workplace analytics.
Verified context and historical precedent
Nintendo has experienced widely publicized data incidents in the past.
The 2020 "Gigaleak" is a verified event in which a large trove of Nintendo-related files—including source code and prototype assets—was leaked online.
That incident drew extensive attention across the industry and underscored the risks posed by large, public leaks of developer materials and internal files.
In 2024, multiple reports circulated about a separate Pokémon-related leak linked to Game Freak servers that included development material and some personal data.
Reports at the time indicated unauthorized access to Game Freak systems and the disclosure of development assets; outlets described the incident as impactful for Pokémon-related content.
Media coverage recommended caution and attributed claims to official statements and investigative reporting where available.
Platform context
Nintendo is the publisher and hardware maker behind the Nintendo Switch, which launched March 3, 2017.
Nintendo’s digital storefront, the Nintendo eShop, and its frequent presentation events, Nintendo Direct, mean that leaks or data compromises can have downstream impacts on development timelines and public messaging when they involve proprietary development materials or employee information.
Current status and what we know
At present, the June 13, 2026 claim remains unverified.
Nintendo has not issued a public statement confirming the alleged TINYpulse compromise or the data categories listed in the claim.
Responsible reporting requires treating the archive as an alleged dataset until confirmation from Nintendo or an independent cybersecurity investigation is published.
We will update this report if Nintendo or a reputable security firm provides verification, or if additional authoritative details about the claimed SHADOWBYT3$ archive become available.
On June 13, 2026, an online claim emerged alleging that a threat actor using the handle SHADOWBYT3$ had obtained roughly 859MB of data from systems tied to TINYpulse, a platform associated with employee surveys and workplace feedback.
The assertion specifically links the dataset to employee information at Nintendo.
As of publication, the claim has not been independently verified by Nintendo or major cybersecurity authorities.
What the report says
The posted claim lists the types of data said to be included in the 859MB archive: employee names and email addresses, survey responses, analytics reports, bank statement PDFs, W-9 tax forms, workplace feedback, and employee progress records.
These categories, if authentic, would include both personal and financial documents alongside internal HR analytics.
Rewriting the notable technical assessment
Technology outlet Technadu noted that TINYpulse provides employee engagement and workplace feedback tools, which corresponds with the survey and feedback records described in the claimed dataset.
Technadu added that, if the claim is accurate, the dataset would unite sensitive personal and financial documents—such as bank statements and W-9 tax forms—with internal workplace analytics.
Verified context and historical precedent
Nintendo has experienced widely publicized data incidents in the past.
The 2020 "Gigaleak" is a verified event in which a large trove of Nintendo-related files—including source code and prototype assets—was leaked online.
That incident drew extensive attention across the industry and underscored the risks posed by large, public leaks of developer materials and internal files.
In 2024, multiple reports circulated about a separate Pokémon-related leak linked to Game Freak servers that included development material and some personal data.
Reports at the time indicated unauthorized access to Game Freak systems and the disclosure of development assets; outlets described the incident as impactful for Pokémon-related content.
Media coverage recommended caution and attributed claims to official statements and investigative reporting where available.
Platform context
Nintendo is the publisher and hardware maker behind the Nintendo Switch, which launched March 3, 2017.
Nintendo’s digital storefront, the Nintendo eShop, and its frequent presentation events, Nintendo Direct, mean that leaks or data compromises can have downstream impacts on development timelines and public messaging when they involve proprietary development materials or employee information.
Current status and what we know
At present, the June 13, 2026 claim remains unverified.
Nintendo has not issued a public statement confirming the alleged TINYpulse compromise or the data categories listed in the claim.
Responsible reporting requires treating the archive as an alleged dataset until confirmation from Nintendo or an independent cybersecurity investigation is published.
We will update this report if Nintendo or a reputable security firm provides verification, or if additional authoritative details about the claimed SHADOWBYT3$ archive become available.