Security Affairs
FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Pokemon dev Game Freak discloses data breach

Pokemon dev Game Freak confirmed that an August cyberattack led to source code leaks and designs for unpublished games online. Game Freak Inc. is a popular Japanese video game developer, founded on April 26, 1989, by Satoshi Tajiri, Ken Sugimori, and Junichi Masuda. It is primarily known as the main developer of the Pokémon video game series. The […]

Game Freak

Pokemon dev Game Freak confirmed that an August cyberattack led to source code leaks and designs for unpublished games online.

Game Freak Inc. is a popular Japanese video game developer, founded on April 26, 1989, by Satoshi Tajiri, Ken Sugimori, and Junichi Masuda. It is primarily known as the main developer of the Pokémon video game series. The developer started in 1996 with the Pokémon Red and Blue for Nintendo Game Boy.

Game Freak confirmed it suffered a cyberattack in August following the leak of source code and game designs for unpublished games.

Screenshots of source code and development builds for upcoming Game Freak’s Pokémon games were published on multiple social media platforms, including Discord, Reddit, and X over the weekend.

Nintendo Everything also reported the leak of Pokémon game source code, unseen Pokémon art, design documents, and other development materials surfacing online.

The Tokyo-based developer confirmed that threat actors had access to the company’s systems and allegedly stole a huge trove of data.

“(Game Freak Co., Ltd.) (Headquarters: Chiyoda-ku, Tokyo; Representative Director: Satoshi Tajiri, hereinafter referred to as “our company”) would like to inform you that due to unauthorized access to our company’s server by a third party in August 2024, personal information of our employees and others was leaked. We sincerely apologize for any inconvenience and concern this may cause to those involved.” reads the statement.

The leaked data included personal data (names and company email addresses) of 2,606 individuals, covering employees, contractors, and retirees.

“We are contacting the affected employees and others individually. For those who have retired or cannot be contacted individually, we will inform them through this announcement and establish an inquiry window to address their concerns.” continues the statement. “Although we have already rebuilt and re-inspected our servers, we will strive to prevent recurrence by further strengthening our security measures.”

The company is not aware of any impact on Pokémon player data following the cyber attack. At this time, no threat actors have claimed responsibility for the cyberattack.

In 2020, Nintendo, another co-owner of Pokémon, suffered a data breach, with attackers leaking source code, internal documents, and development tools.

The Japanese video game giant Nintendo admitted that threat actors breached 300,000 accounts. The hackers gained access to personal information, including birthdays and email addresses, but financial data were not impacted.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Game Freak)