Key Takeaways
1. The hacking group Crimson Collective claims to have breached Nintendo, following their attack on Red Hat, and shared evidence of this via Hackmanac on X (formerly Twitter).
2. Crimson Collective has increased hacking activities recently, previously stealing 570GB of data from Red Hat and hacking Claro Colombia.
3. The group exploits cloud misconfigurations, exposed login details, and web application weaknesses to access sensitive data.
4. Nintendo has a history of data breaches, including a significant incident in 2020 involving the compromise of 160,000 user accounts.
5. Nintendo has not commented on the recent hacking claims, leaving uncertainty about the extent of any leaked or compromised information.
As per a new cyber alert, the hacking group known as Crimson Collective has announced that they have hacked Nintendo, following their recent attack on Red Hat. This announcement was made through cybersecurity observer Hackmanac on X (previously Twitter), and included a screenshot that appears to show the directory tree of internal Nintendo files and topics. The listing reveals folders that indicate access to various assets, administrative resources, production backups, and internal manuals.
Rising Threats from Crimson Collective
The Crimson Collective gained attention in September and October 2025 due to a significant increase in their hacking activities. Besides the breach at Red Hat, where they stole 570GB of data from over 28,000 repositories, including Customer Engagement Reports, they also asserted that they hacked Claro Colombia and defaced Nintendo’s website in late September 2025. Their operations mainly take place on Telegram, where they provide evidence of their breaches and issue extortion threats to their victims. They are known for taking advantage of cloud misconfigurations, exposed login details, and weaknesses in web applications to access sensitive data.
Nintendo’s History of Data Breaches
Nintendo has experience dealing with data breaches. For example, in 2020, approximately 160,000 user accounts were compromised due to flaws in the Nintendo Network ID system, which led to the exposure of personal information and unauthorized purchases through associated accounts. In response, the Japanese company took action by resetting passwords and enforcing tighter security protocols, including the end of legacy support and encouraging users to enable two-factor authentication.
At the moment, Nintendo has not released any official comment regarding the latest claims made by the Crimson Collective, and it’s still uncertain how much sensitive information may have been leaked or compromised. However, the company is known for being quite strict in such matters, so it’ll be interesting to see what happens next.
Source:
Link
Leave a Reply