Hackers Breached Nintendo and Demand Ransom for Sensitive Data

The hacker group Crimson Collective announced the hacking of several Nintendo projects and published screenshots of folders allegedly belonging to the Japanese company. The leak, according to the hackers, contains materials for both already released games and projects in development, as well as backup copies of data.

Details about the scale of the hack and what Crimson Collective intends to do with the allegedly stolen data are still lacking. The group’s recent attack on Red Hat may serve as a guide: hackers claimed to have breached its private GitHub repositories and stolen 570 GB of information, including customer authentication data. They then announced their intention to attack Nintendo’s website.

Crimson Collective members contacted Red Hat through official channels, attempting to extort money from the company and providing screenshots of internal folders as proof of the hack. However, Red Hat ignored their demands. On October 2, the company acknowledged the hack and reported that it had contacted the relevant authorities. A similar scenario could unfold with Nintendo. In September, the same group hacked the resources of the telecom operator Claro Colombia, stealing 50 million customer accounts and financial documents.

Cybersecurity experts at Anomali believe that Crimson Collective is conducting large-scale attacks to strengthen its reputation within cybercriminal communities. Analysts were particularly interested in the name under which the hackers publish their messages: Miku. This pseudonym was previously used by Thalha Jubair, a 19-year-old member of the LAPSUS$ and Scattered Spider groups, who, according to media reports, is in custody awaiting trial.