Nintendo says its internal systems remain secure after a hacker group claimed it stole company-related data and demanded a US$2mil (RM8.23mil) ransom to keep the information from being released.

The group, known as ShadowByt3$, alleged that it obtained roughly 860 megabytes of information connected to Nintendo of America. The hackers claimed the files included employee-related records, survey data and other internal documents. The group reportedly threatened to publish the material if its ransom demand was not met.

In a statement, Nintendo confirmed that a breach involving a third-party service had occurred but said the incident did not involve the company’s own network. The company identified the affected platform as TINYpulse, a service used for internal employee surveys and feedback collection.

Nintendo said the exposed information was limited to survey-related content involving a small number of employees and that much of the material dates back several years. The company added that employees outside North America were not affected by the incident.

The company emphasised that no customer data, payment information or financial records belonging to consumers were accessed. Nintendo said its own systems were not compromised and that it is working with the third-party provider to address the issue and review security measures.

While the incident appears to have been limited in scope, cybersecurity experts have increasingly warned about the risks posed by third-party vendors that handle sensitive business information. Attacks targeting third-party service providers have become a common way for cybercriminals to gain access to employee records and internal company documents without directly breaching a company’s primary network.

For now, Nintendo says there is no indication that Nintendo Switch accounts, customer payment data or player information were involved. The company has not advised consumers to take any action related to the incident. – TNS