After cyber attack: Data leak at Pokémon developer Game Freak

Video game developer Game Freak has reported a cyberattack. The studio is best known for its Pokémon series titles. According to the development studio, unknown attackers gained access to personal data during the IT security incident. However, there are also reports of leaked information about previously unreleased Pokémon games.

Advertisement

IT security incident

In the official statement, Game Freak states that the cyberattack took place in August 2024. This allowed attackers to access the personal data of 2,606 employees. According to the company, personal data includes names and business email addresses. Those affected are currently being contacted.

Game Freak says it has now restored server security. They also say they have hardened their systems to make future attacks more difficult. It is not yet known exactly how the attackers gained access.

Alleged data leak

According to media reports, including from Comicbook.com, there are indications that, in addition to personnel data, internal game development data was also leaked. According to reports, information is circulating on the Internet about the upcoming Pokémon game codenamed “Gaia” and a massively multiplayer online role-playing game (MMORPG) for the as yet unreleased Nintendo Switch 2 game console. In addition, source code for older Pokémon titles is said to have been leaked.

The X account Centro LEAKS lists more information about published information about the Pokémon franchise that allegedly comes from the cyberattack. So far, neither Game Freak nor Nintendo have commented on the alleged data leak from the Pokémon games, and there is no official confirmation yet.

Like other industries, game developers and publishers often have to deal with data leaks. In July, a third party involved in organizing US online gaming platform operator Roblox’s annual developer conference caused such a data breach. Personal information such as names, email addresses and IP addresses were apparently exposed. Participants who had registered via the third-party platform in the last two years were affected.

(des)