NVIDIA confirms GeForce NOW data breach affecting Armenian customers

NVIDIA has confirmed in a press release for BleepingComputer that GeForce NOW consumer info has been uncovered in a data breach.

The gaming and {hardware} big has clarified that the impression is proscribed to Armenia, and was attributable to a compromise of the infrastructure operated by a regional companion.

The corporate added that its personal community was not impacted by the incident.

“Our investigation discovered no impression on NVIDIA-operated providers. The difficulty is proscribed to programs run by a third-party GeForce NOW Alliance companion based mostly in Armenia.  We’re working intently with the companion to assist their investigation and determination. Impacted customers shall be notified by GFN.am,” the corporate mentioned.

The assertion is available in response to a put up final week on a hacker discussion board from a menace actor utilizing the ShinyHunters nickname, claiming to have breached the GeForce NOW service and stolen hundreds of thousands of consumer data.

Nonetheless, the ShinyHunters actor who revealed the breach on the hacker discussion board is believed to be an imposter.

In keeping with the menace actor, the stolen info contains full names, electronic mail addresses, usernames, dates of beginning, membership standing, and 2FA/TOTP standing.

The menace actor additionally posted samples of the stolen knowledge and provided the total database for $100,000 paid in Bitcoin or Monero.

The NVIDIA GeForce NOW cloud gaming service lets customers stream to their programs video games operating on extra highly effective {hardware} utilizing NVIDIA GPUs in a datacenter.

GFN.am is the Armenian regional operator for GeForce NOW, liable for working NVIDIA’s service within the nation.

Alliance companion environments can function unbiased authentication programs, native buyer databases, regional billing platforms, and domestically managed infrastructure.

An announcement posted by GFN.am confirms a cybersecurity incident that passed off between March 20 and 26 and uncovered the next info:

• Full title (if utilizing a Google account)
• E-mail handle
• Cellphone quantity (if registered via a cell operator)
• Date of beginning
• Username

GFN.am has clarified that no account passwords have been uncovered within the incident, and any customers who registered to the service after March 9 usually are not impacted.

In keeping with NVIDIA’s assist web page, GFN.am can also be liable for managing GeForce NOW operations in Azerbaijan, Georgia, Kazakhstan, Moldova, Ukraine, and Uzbekistan, however no impression on these nations has been confirmed.

BleepingComputer discovered that the menace actor’s put up has now been faraway from the hacker discussion board.

It’s unclear if the database has been offered to a purchaser or if the vendor or discussion board directors deleted it.

Replace [14:14]: Added info that the menace actor could also be a ShinyHunters impersonator.