NVIDIA confirms GeForce NOW data breach, pledges full support for investigation

NVIDIA has confirmed a data breach affecting GeForce NOW users in Armenia, though the company insists its own systems were not compromised.

2

The breach, which occurred between March 20 and March 28, 2026, was traced to a regional partner, GFN.am, which manages the service across several Eastern European and Central Asian countries. Stolen data includes names, email addresses, phone numbers, dates of birth, and usernames, but not passwords or data from accounts created after March 9.

The threat actor, using the alias ShinyHunters, listed the data for sale on an underground hacking forum for $100,000 in Bitcoin or Monero. However, ShinyHunters itself denied involvement, calling the breach an "imposter" incident. The forum post was later deleted, though it's unclear whether GFN.am negotiated with the attackers or if administrators removed the thread.

"Our investigation found no impact on NVIDIA-operated services. The issue is limited to systems run by a third-party GeForce NOW Alliance partner based in Armenia. We are working closely with the partner to support their investigation and resolution. Impacted users will be notified by GFN.am," wrote NVIDIA in a statement to BleepingComputer

This confirmed incident highlights the growing vulnerability of third-party service providers in the gaming industry, even for major brands like NVIDIA. While the breach was contained to a single region, it showcases the risks of outsourcing critical infrastructure, as it was only recently that Rockstar Games confirmed a hack through one of its third-party hosting services. As for GFN.am, it is now working to notify affected users, and NVIDIA has pledged full support for the investigation.