Nintendo Denies Alleged 570GB Data Breach

• Nintendo, in an interview, denied the hacking of a large pool of internal data.
• This hacker group previously hacked into Red Hat’s private information.
• Nintendo faced another cyber-intrusion in 2020, which affected 160,000 accounts.

Nintendo recently became the talk of the town when an unverified news of a corporate data breach spread on social media. Responding to it, the gaming giant has formally refuted these allegations. In an interview with a Japanese publication, The Sankei Shimbun, on October 15, 2025, the company confirmed that no such significant breach took place.

On October 11, 2025, Crimson Collective, a hacker group, claimed to have imported huge chunks of data from Nintendo’s internal data systems. Cybersecurity firm Hackmanac disclosed a screenshot by the hacker group in X (formerly Twitter), depicting various confidential directories related to production, preview, and finances of Nintendo, amounting to 570 GB of data. 
The post showed Crimson Collective captioning the shared screenshot saying, “Who said we do not have Nintendo topics files?” The evidence at the time was circumstantial, momentarily generating concerns and doubts from experts worldwide.

Nintendo’s Statement on the Alleged Data Breach

Nintendo told The Sankei Shimbun, "We have not confirmed any leak of personal information, and there has been no leak of development or business information."  

Additionally, the gaming giant explained that although some external servers that hosted portions of its website were momentarily rewritten, there is no proof that this had an effect on customers or that there was an internal network attack.

‘Crimson Collective’ vs. Red Hat

The hacker group, Crimson Collective, had earlier breached U.S.-based Red Hat group's private GitHub repositories around mid-September 2025. 

They allegedly stole about a similar quantity of compressed data (570 GB), as claimed for the refuted Nintendo case, from 28,000 internal repositories of Red Hat. These repositories also included 800 Customer Engagement Reports (CER), which contained intimate information like client infrastructure details, configurations, and credentials.

On October 2, 2025, Red Hat confirmed the security breach, revealing that attackers had hacked a GitLab instance intended for use by its Consulting staff.