NVIDIA confirms a regional GeForce NOW partner in Armenia got breached - millions of user records exposed but NVIDIA's own systems are intact

NVIDIA confirmed Friday that a third-party GeForce NOW Alliance partner based in Armenia (GFN.am) was breached. The hacker, using the ShinyHunters handle on BreachForums, claims to have stolen names, email addresses, dates of birth, membership status, and 2FA enrollment status of millions of users - and is selling the database for $100,000. NVIDIA says its own systems are unaffected and the regional partner is notifying impacted users. The actor is suspected to be a ShinyHunters impersonator rather than the original gang. The partner serves users in Armenia, Georgia, Kazakhstan, Moldova, Ukraine, and Uzbekistan.

Check

If you or staff use GeForce NOW from Armenia, Georgia, Kazakhstan, Moldova, Ukraine, or Uzbekistan, log in to gfn.am and check for breach notifications. Search inbox for GeForce NOW or NVIDIA-themed emails since May 5.

Affected

GeForce NOW users registered through GFN.am, the Armenia-based regional partner serving Armenia, Georgia, Kazakhstan, Moldova, Ukraine, and Uzbekistan. Records reported leaked include names, email addresses, dates of birth, membership status, and 2FA enrollment - but not passwords. Acute risk for users who reused the GFN.am password elsewhere.

Fix

Reset GFN.am passwords and any other accounts using the same password. Enable 2FA if not already on. Treat any inbound emails referencing your real NVIDIA or GeForce NOW account details as hostile - go to gfn.am directly. For organizations: regional alliance partners often have weaker security than the parent vendor - audit which third-party regional services hold employee or customer data.