NVIDIA Data Breach Reportedly Exposes Personal Information of GeForce Users

HomeCyber Security News NVIDIA Data Breach Reportedly Exposes Personal Information of GeForce Users By Dhivya May 9, 2026 A data breach at GFN.AM, an authorized NVIDIA GeForce NOW cloud gaming service provider operating under “GFN CLOUD INTERNET SERVICES” LLC, has exposed personal information belonging to registered users. The company disclosed the incident on May 5, 2026, revealing that unauthorized access to its database occurred as far back as March 9, 2026, nearly two months before discovery. The breach was first detected on May 2, 2026, leaving a roughly 54-day window during which threat actors may have had access to user records. GFN.AM confirmed that the unauthorized party gained access to its backend database, allowing sensitive user data to be exfiltrated or viewed by third parties. Critically, only users registered on or before March 9, 2026, are affected. The incident did not impact accounts created after that date. NVIDIA Data Breach According to the official disclosure, the following categories of personal data may have been compromised: Email addresses Phone numbers, for users who registered via a mobile operator Date of birth Full name (first and last), for users who authenticated through Google Sign-In GFN.AM platform username The company emphasized that account passwords were not compromised in this incident, reducing the immediate risk of account takeover. However, the exposed combination of email addresses, phone numbers, and full names poses a significant risk of phishing, SIM swapping, and social engineering targeting affected users. Following the discovery of the breach, GFN.AM stated it took immediate steps to eliminate the root cause of the unauthorized access. The company has also implemented additional organizational and technical security controls to harden its information systems and reduce the likelihood of a similar incident. No further technical specifics, such as whether the access involved a compromised credential, an unpatched vulnerability, or a misconfigured database, were disclosed in the public notice. Security professionals warn that even without password exposure, the leaked data is highly valuable to cybercriminals. Personal identifiers such as full names, phone numbers, and email addresses are routinely used in targeted phishing and credential-stuffing campaigns. Users who authenticated via Google should review their account activity, as their full names were among the exposed fields. Users registered on or before March 9, 2026, should take the following precautions: Monitor email accounts for unusual login attempts or phishing messages. Be cautious of unsolicited calls or SMS messages referencing GFN.AM. Enable multi-factor authentication on linked Google and email accounts. Consider placing a fraud alert with relevant financial institutions if additional personal data is suspected to be involved. GFN.AM has not publicly indicated whether affected users will be notified individually or whether regulatory authorities have been informed of the breach. Cybercriminals now enter through your suppliers instead of your front door – Free Webinar Tags cyber security cyber security news data breach Copy URL Linkedin Twitter ReddIt Telegram Dhivyahttps://cybersecuritynews.com/ Divya is a Senior Journalist at Cyber Security news covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world. Trending News Hackers Abuse Google Ads to Steal Users GoDaddy ManageWP login Credentials New Ivanti EPMM 0-Day Vulnerability Actively Exploited in Attacks Member of Prolific Russian Ransomware Group Sentenced to 102 Months in Prison Beware of Fake ‘Notepad++ for Mac’ Website, Possibly Could Harm your Machine pnpm 11 Turns On Minimum Release Age by Default to Reduce npm Supply Chain Risk Latest News Cyber Security Let’s Encrypt Halts Certificate Issuance After Cross-Signed Root Certificate Incident Cyber Security Critical Microsoft 365 Copilot Vulnerabilities Expose sensitive Information Cyber Security News New PamDOORa Backdoor Attacking Linux Systems to Steal SSH Credentials Cyber Security News Hackers Deploy Modular RAT With Credential Theft and Screenshot Capture Capabilities Cyber Security Škoda Security Incident Exposes Customers Data From Online Shop