Confirmation has been provided by NVIDIA to BleepingComputer regarding a data breach that has impacted users of GeForce NOW in Armenia.
The tech giant stated that the breach was limited to Armenia and was a result of a compromise in the infrastructure of a local partner.
NVIDIA emphasized that their own network was not affected by the breach.
According to the company, the breach only affected systems managed by a third-party GeForce NOW Alliance partner in Armenia. NVIDIA is working closely with this partner to assist in the investigation and resolution of the incident. Affected users will be notified by GFN.am.
This statement comes following a post on a hacker forum last week by an individual using the alias ShinyHunters, claiming to have breached GeForce NOW and obtained millions of user records.
However, it is believed that the ShinyHunters actor who made the claim is not authentic.
The stolen information reportedly includes full names, email addresses, usernames, dates of birth, membership status, and 2FA/TOTP status.
The threat actor also offered to sell the full database for $100,000 in Bitcoin or Monero.
GeForce NOW is a cloud gaming service by NVIDIA that allows users to stream games from more powerful hardware using NVIDIA GPUs in a datacenter.
GFN.am is the regional operator for GeForce NOW in Armenia, responsible for managing the service in the country.
Alliance partner environments have their own authentication systems, customer databases, billing platforms, and infrastructure.
GFN.am has confirmed a cybersecurity incident that occurred between March 20 and 26, exposing information such as full names (for Google accounts), email addresses, phone numbers (for mobile operator registrations), dates of birth, and usernames.
GFN.am clarified that no account passwords were exposed in the breach, and users who registered after March 9 are not affected.
According to NVIDIA’s help page, GFN.am also manages GeForce NOW operations in other countries like Azerbaijan, Georgia, Kazakhstan, Moldova, Ukraine, and Uzbekistan, but no impact has been confirmed in those regions.
BleepingComputer discovered that the post by the threat actor has been removed from the hacker forum, leaving uncertainty about the fate of the stolen database.
It remains unclear whether the database was sold or deleted by the seller or forum administrators.
Update [14:14]: Additional information suggests that the threat actor could be impersonating ShinyHunters.
AI combined four zero-day exploits to bypass both renderer and OS sandboxes, signaling a wave of new vulnerabilities. Learn more at the Autonomous Validation Summit (May 12 & 14) about context-rich validation and its role in identifying vulnerabilities, verifying controls’ effectiveness, and completing the remediation process.
Secure Your Spot
EU Takes Action Against Instagram and Facebook for Violating Illegal Content Rules
Warning: Facebook Creators Face Monetization Loss for Stealing and Reposting Videos
Facebook’s New Look: A Blend of Instagram’s Style
Facebook Compliance: ICE-tracking Page Removed After US Government Intervention
Facebook and Instagram to Reduce Personalized Ads for European Users
InstaDub: Meta’s AI Translation Tool for Instagram Videos
Reclaim Your Account: Facebook and Instagram Launch New Hub for Account Recovery
Meta discontinues Messenger apps for Windows and macOS
Subscribe to our weekly newsletter below and never miss the latest News or an exclusive offer.
