Japanese video game developer Game Freak confirmed last week that it suffered a cyberattack earlier this year, resulting in a data leak.
The statement from the Tokyo-based co-owner of the popular Pokémon series followed reports that hackers breached the company’s systems and allegedly stole a large amount of data.
Pokémon has a large fanbase worldwide. As of 2024, more than 480 million Pokémon games have been sold globally, making it the third-best-selling video game franchise, behind Mario and Tetris.
Game Freak said the hack occurred in August when an unnamed threat actor gained unauthorized access to the company’s servers, leaking the personal data of more than 2,600 current and former employees, including their names and email addresses.
The company did not comment on whether unreleased and upcoming projects were leaked, as previously reported. Game Freak did not respond to a request for comment by the time of publication.
Over the weekend, gaming publication Nintendo Everything reported that source code for various Pokémon games, along with previously unseen Pokémon art, design documents and other development materials, had begun surfacing online. The outlet published examples of the allegedly leaked data.
Some of the purported leaked data was also posted on X by the CentroLeaks account, which describes itself as “the biggest source of Pokémon leaks, rumors, and news,” as well as on the PokeLeaks subreddit. The authenticity of these leaks remains unclear.
In response to the data leak, Game Freak said it has “rebuilt and re-inspected the server” and will continue to strengthen its security measures to prevent future incidents.
“We deeply apologize for the great inconvenience and concern caused to all those involved,” the company said, adding that it has contacted the affected employees individually.
Earlier this year, another Japanese company, Kadokawa, known for producing manga, anime and video games, was hit by a cyberattack. The company confirmed that some of its data was leaked in a ransomware attack claimed by the BlackSuit threat actor.
Japanese video game company Nintendo, another Pokémon co-owner, suffered a massive breach in 2020, when hackers leaked game and console source code, along with internal documentation and development tools.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Daryna Antoniuk
is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.
