NVIDIA GeForce NOW Data Breach Impacts Armenian Users

/HIGH
Written by SCW Research Research & Analysis
SCW threat-inteldata-breachmalware
NVIDIA GeForce NOW Data Breach Impacts Armenian Users

NVIDIA has confirmed a data breach affecting its GeForce NOW cloud gaming service. BleepingComputer reports that NVIDIA clarified the incident is limited to users in Armenia and stems from a compromise of infrastructure operated by a regional partner, GFN.am. NVIDIA’s own network was not impacted, underscoring the ongoing supply chain risk posed by third-party integrations.

The breach, initially publicized by the threat actor ShinyHunters on a hacker forum, reportedly exposed millions of user records. According to BleepingComputer, ShinyHunters claimed to have stolen full names, email addresses, usernames, dates of birth, membership status, and 2FA/TOTP status. The threat actor offered the full database for $100,000 in cryptocurrency, highlighting the financial motivation behind such attacks and the immediate monetization of stolen data.

This incident is a stark reminder that even robust security posture at the core vendor doesn’t negate risks introduced by alliance partners. Attackers will always find the weakest link. For CISOs, this means extending due diligence and continuous monitoring far beyond internal systems, into every partner operating critical services under your brand.

What This Means For You

  • If your organization relies on third-party partners to deliver services under your brand, this is a critical case study. You need to verify that your partners' security controls are on par with your own. Audit your third-party risk management program immediately. Ensure your contracts include robust security clauses and audit rights, and that these are actually exercised. Don't assume a partner's security matches yours; it rarely does.

🛡️ Detection Rules

3 rules · 6 SIEM formats

3 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.

critical T1190 Initial Access

NVIDIA GeForce NOW Armenian User Data Breach - GFN.am Infrastructure Compromise

Sigma YAML — free preview

Source: Shimi's Cyber World · License & reuse

✓ Sigma · Splunk SPL Sentinel KQL Elastic QRadar AQL Wazuh Get rules for your SIEM →

Written by SCW Research

Take action on this incident
📡 Monitor nvidia.com Free · 1 watchlist slot · instant alerts on new breaches 🔍 Threat intel on NVIDIA All breaches, IOCs & vendor exposure

Related coverage on NVIDIA

GM Fined $12 Million in California Privacy Settlement Over Driver Data

GM has agreed to pay over $12 million in a privacy settlement with California officials, marking the largest fine issued under the California Consumer Privacy...

threat-inteldata-breachgovernment
/SCW Research /MEDIUM /⚙ 2 Sigma

Kingdom Market Administrator Sentenced to 16 Years

Slovakian national Alan Bill, 33, has been sentenced to 16 years in prison after pleading guilty to conspiracy to distribute controlled substances. The Record by...

threat-inteldata-breachgovernment
/SCW Research /MEDIUM /⚙ 3 Sigma

Virginia Man Convicted for Deleting 96 Government Databases

A Virginia man has been convicted on federal charges for deleting 96 government databases and illicitly accessing an individual’s email account through password theft. This...

threat-inteldata-breachgovernment
/SCW Research /MEDIUM