The hacking group ShinyHunters—the same notorious collective that recently attempted to ransom Rockstar Games over stolen data—has claimed responsibility for a new breach involving GeForce Now user records.

Taking to a black hat hacking forum last week, the group announced they had successfully breached servers and were looking to sell "millions of real user records" to the highest bidder. While the scale of the leak is still being debated, the potential impact on user privacy is significant.

Details of the GeForce Now Data Breach

According to reports originally spotted by The Cybersec Guru, ShinyHunters claims to have extracted an entire database directly from the backend. The leaked information reportedly includes:

  • First and last names
  • Email addresses
  • Dates of birth
  • Membership status
  • Two-Factor Authentication (2FA) status

The inclusion of 2FA status is particularly concerning for security experts. If bad actors know which accounts lack extra protective measures, they can target those specific users with a much higher success rate when attempting account takeovers.

Nvidia Responds to ShinyHunters Claims

Nvidia has moved quickly to clarify the scope of the incident, suggesting that the core infrastructure remains secure. In a statement provided to VideoCardz, Nvidia clarified that the breach did not originate within their primary network.

"Our investigation found no impact to Nvidia-operated services," Nvidia stated. "The issue is limited to systems run by a third-party GeForce Now Alliance partner based in Armenia. We are working closely with the partner to support their investigation and resolution. Impacted users will be notified by GFN.am."

While this distinction suggests that Nvidia's core services remain intact, it leaves a massive question mark regarding exactly how much user data was compromised. The breach appears localized to the Armenian provider, GFN.am, meaning most global users are likely safe from direct exposure.

Security Recommendations for Affected Users

If you are an active or former user of the Armenian GeForce Now service, immediate action is required to secure your digital identity. Because ShinyHunters claims to possess a massive list of email addresses, the risk of phishing attacks and spam remains high even after passwords are changed.

To mitigate risks, users should:

  1. Update Passwords: Change your password immediately if you have an account with GFN.am.
  2. Enable 2FA: Ensure Two-Factor Authentication is active on all sensitive accounts.
  3. Watch for Phishing: Be extra vigilant regarding suspicious emails that may use leaked personal details to appear legitimate.

This latest move by ShinyHunters follows their recent high-profile extortion attempt against Rockstar Games, where the group released stolen data after a ransom demand was refused. As this group continues to target major gaming entities and their partners, the importance of robust third-party cybersecurity has never been more apparent.