Nintendo's internal files allegedly compromised in new Crimson Collective breach

As per a fresh cyber alert, the Crimson Collective hacking group claims to have breached Nintendo, following its recent high-profile attack on Red Hat. The claim, which was posted via cybersecurity watcher Hackmanac on X (formerly Twitter), was accompanied by a screenshot displaying the directory tree of what appears to be internal Nintendo topics and administrative files. The directory listing shows folders that suggest access to assets, admin resources, production backups, and internal manual files.​

The Crimson Collective rose to prominence in September and October 2025 with rapid escalations in their attacks. Apart from the Red Hat breach (where they exfiltrated 570GB of data from over 28,000 repositories, including Customer Engagement Reports), they also claimed breaches at Claro Colombia and a prior defacement of Nintendo's website in late September 2025. The group operates primarily through Telegram, where they share proof of breaches and pressure victims with extortion demands. They are known to exploit cloud misconfigurations, exposed credentials, and vulnerabilities in web applications to gain access.

Nintendo isn't oblivious to such data breaches. For instance, in 2020, around 160,000 user accounts were compromised due to weaknesses in the Nintendo Network ID system, which exposed personal information and allowed unauthorized purchases through linked accounts. The Japanese company responded by resetting passwords and implementing stricter security measures, including discontinuation of legacy support and urging two-factor authentication for users.

As of writing, Nintendo has not issued an official statement on Crimson Collective’s latest claims, and it remains unclear to what extent sensitive material may have been exposed or compromised. However, the company is notorious for being anything but lenient in such cases, so it remains to be seen what's next.

Buy the Nintendo Switch 2 on Amazon.