Pokemon developer discloses breach, extent of leak remains a mystery


Game Freak, the developers behind Pokemon, recently released a statement announcing a data breach, which revealed the personal data of over 2,500 employees.

The information lost in the leak included the names of employees and company email addresses.

According to the Pokemon developer, an unauthorized third party accessed Game Freak’s server in August 2024, leaking the personal data of its employees.

ADVERTISEMENT

The document released by Game Freak says that employees and cosigned business workers, including retirees and former employees, may have been impacted.

Game Freak says it is contacting each of the 2606 affected employees individually, and those who no longer work with the developer will need to contact Game Freak.

Game Freak is a Japanese game developer well known for its work on the Pokemon franchise. According to Nintendo fandom, Pokemon has sold over 300 million copies, and Game Freak jointly owns Pokemon.

The game developer was one of the founders of the Pokemon Company established in 1998 by Nintendo, Creatures Inc, and Game Freak.

As of March 2024, the game developer has 207 full-time and contracted employees.

News outlets like Nintendo Life, IGN, and Nintendo Everything previously reported that massive amounts of data were leaked, ranging from source code to behind-the-scenes information.

However, these outlets didn’t specify how much data was leaked but did provide names of certain games, projects, and devices that were supposedly revealed.

Nintendo Everything claimed that the source code for Pokemon Heart Gold, Soul Silver, Black 2, and White 2 surfaced online.

As well as code names for products, including the code name for the Nintendo Switch 2, have allegedly been leaked.

ADVERTISEMENT

However, Game Freak’s statement, originally in Japanese, didn’t mention anything about leaked Pokemon data or code names for upcoming releases.

Adrianus Warmenhoven, a cybersecurity expert at NordVPN, shares what this data leak means in the cybersecurity context:

“This data breach is concerning, underscoring the vulnerability of even well-established corporations such as Game Freak," Warmenhove said "It also highlights the importance of proactive security measures such as multi-factor authentication (MFA), regular system audits, and employee training on cybersecurity risks."

Cybernews has reached out to Game Freak via the Pokemon Company to clarify details of the leak.