News Article

Man Arrested for Blackmailing Nintendo with Stolen User Data

Posted by Trevor Chan

Crime doesn't pay

Come on, people. It's one thing to steal the data of Nintendo users, but it's another thing to attempt to blackmail Nintendo with it.

Police in Spain have arrested a man in the southern province of Malaga suspected of stealing the user data of Nintendo gamers, who allegedly then tried to blackmail Nintendo with the unlawfully-gathered information. According to Spain's Ministerio del Interior (Ministry of the Interior), the individual who cannot be named stole data belonging to 4,000 gamers.

It is claimed that the man contacted the Spanish data protection agency and accused Nintendo of negligence. The police said that when Nintendo did not respond to the man's accusations, he began leaking some of the data online. Authorities claim that the man was prepared to release the entire contents of the user database onto the Internet.

At this juncture, it is not clear if the alleged theft took place within Nintendo's own online system or that of a third-party. Nintendo is unable to comment on this matter as an active investigation is still being carried out by the Spanish authorities.


From the web

User Comments (45)



Tylr said:

and that guy's motive was...probably nothing. Well, hope he enjoys the cold floors of the slammer.



Morpheel said:

"I stole from you, you're lame! Now give me money!"
He got a luxurious suite instead.



Hoffkage said:

This guy entered in the administration of this page just by changing the www by admin. No login nor password lol.

Nintendo really should demand the people who made them the web. :/

Also it seems that guy just stole basic user data as mails, direction and the likes.



NintyMan said:

Hackers are bullies, plan and simple. This "negligance" charge was just a ploy for the man to try to get money.



1080ike said:

"Idiot human... does he really believe that he could get away with that? Our plan of recreating the great Kleptron will come to be, no matter what these stupid humans want to do... Mwa ha ha ha ha! They all will suffer for this insult!"
Is probably what Nintendo is thinking.
Honestly, though, that guy was being a moron. From what I could gather from the article, he was just doing it because he felt like it.
EDIT: and because he felt like being mean, can't forget that.



BlackShyGuy said:

What an idiot. Trying to blackmail from the best (and biggest?) video game empire in the world.



TeeJay said:

What the heck was this guy even THINKING?! "Oh, I'll steal some data from the biggest gaming company in the world and blackmail them. They'll bow down to my demands. Yeah, I'm that important. It's not like Nintendo is prepared to handle that sort of situation or anything. DERRPP"

Seriously, trying to blackmail Nintendo is like trying to blackmail the pope.



pixelman said:

He was probably blackmailing them to get them to release Earthbound on the VC. Come on guys, you know he was doing it for you.



Colors said:

So you threaten to let people see how many hours nintendo-users have played unless you get money. Even though that isn't really Nintendo's fault at all. NOOOOOOOOOOOOO! I don't want ANYBODY to know that I enjoy playing video games! My life will be ruined and everybody will make fun of me!



Objection said:

God, this reminds me of one of my favorite lines from the Dark Knight:
"Let me get this straight: You think that your client, one of the wealthiest, most powerful men in the world, is secretly a vigilante who spends his nights beating criminals to a pulp with his bare hands. And your plan is to blackmail this person? Good luck."



SilverBaretta said:

Man, first denying Justin Bieber use of the Mario theme in his movie, now slamming this crazy freak down.... Nintendo's being unusually crackdown-ish lately.



shinesprite said:

Love the Monopoly refrence!

Anyway, I don't see how what this guy did was so bad (the hacking, not the leaking of personal info). He just poked around, found an issue, and was merely willing to point it out for a small, er fee. What's so wrong with that?



ZarroTsu said:

To clarify:

It sounds, to me, that the man attained user data for the sole purpose of either using the fact that he stole data to sue Nintendo for Negligence, or leaking it online in the hopes that his claim would be noticed by others, and Nintendo wrecked by its outcome. If it were successful, Nintendo of Spain might have had their image tainted a bit, or a lot, depending on the end result.

It sounds like a Nintendo hater desperately wanted Nintendo's image ruined, and/or a lot of money to boot. Fortunately, the man was an idiot.



StarDust4Ever said:

That man is a complete idiot. He might as well have submitted the info to Wikileaks or bittorrent. At least that way he would have remained anonymous. It is impossible to successfully blackmail someone without making oneself vulnerable to the authorities. Nintendo declined, and now he rots away...

Justice is served



Starwolf_UK said:

ts not break in and entry if the door is unlocked. Which this was.

It is immature how Nintendo have decided to distort the truths of this story. The truth is they got a subcontractor to make a shoddy website for the 3DS event in Spain (like said earlier you need to change the URL and you've got everyones data, that is terrible website design for holding personal info). Nintendo's version. Oh they much have hacked into US!!!

I think the guys mistake was going to Nintendo first, being ignored (they like to do this) so instead of going to the correct authorities and letting them deal with it (and they would have dealt with it) he shows he is serious and is informed of being arrested. He heads down to the station himself, gives a statement (I think he also hands the evidence in), gets a lawyer and walks free awaiting trial.

Basically both side are in the wrong here. Nintendo needs to stop seeing these things as blackmail and stop responding with intimidation or legal threats. You would have thought they might have learned something from the DVD Access library fiasco (the net result was piracy became a lot easier on the Wii...) but in a way you could say they did hence responding with legal action rather than mere intimidation. What was I getting at? Sometimes it can be perceived these individuals try to do Nintendo a favor (or at least its meant to look like that from Nintendo's perspective) but don't get seen seriously so they try to be seen seriously and things take a bad turn there.



theblackdragon said:

@Starwolf_UK: entering without force is still illegal trespass, and attempting to commit a felony therein is still burglary. he tried to blackmail Nintendo, and when they didn't respond he first went to Spain's data protection agency and then started releasing some of the info he'd stolen over the internet. sounds like he was only in it for himself; no one trying to do Nintendo any kind of favor would have started releasing info over the internet -- reported them to the authorities for their own good, certainly, but releasing their info? not so much.

also, I fail to see what Nintendo could've done to prevent this -- kowtow to his every demand? haha, they probably receive at least 10 threatening e-mails a day, and this one probably wasn't even their problem -- many companies outsource web design services, after all; all they'd have to do is place the blame on the company that created the site for 'em. the dude probably should've tried getting in touch with whoever Ninty outsources to in Spain if he wanted to be taken seriously, but the only thing he got was taken out seriously.



LztheQuack said:

@StarWolf: Let's see. He broke into someone's website and stole users' info. What exactly is Nintendo doing wrong here? Last I checked, Nintendo couldn't comment on the situation because there's an active investigation. The news site claimed it was blackmailing



Starwolf_UK said:

@lz20XX. He changed a www into admin thats the break-in. After he alledegy reported it to Nintendo they did nothing. Then when he released the info they did their whole "ha ha we were ignoring you now you'll pay the ultimate price" and then they shut the site down. Basically they didn't act until their pants were caught down. Thats not the way to be with security or even personal info. We give this info in trust that the person on the other end won't have it accessible to anyone who changes a www to admin.

The DVD Access Library was the same. Guy contacts Nintendo quite vaguely "I've got security matters, I'd like to chat to an engineer", calls them out on his blog (they then respond after basically being called out in public...but using his real name instead of his hacker alias?). The lawyer at Nintendo tries to arrange a phone call (to which he refuses as he sees it as a clear attempt to minimise any paper trail, plus the whole its security matters not legal matters). Given time was up for reasonable disclosure (if you find a security flaw generally, you wait for some time before you expose it to give the company time to patch it) he released it. Week after goes through voicemails at work finds they did call him (he never gave Nintendo any phone numbers yet they ring him at work).

Am I saying anyone is right. No. Both sides will hopefully get punished. Nintendo should get the lion's share of it as I believe its blame the pathetic security not the person who broke it.

Maybe I am being a little unfair as it was the people Nintendo outsourced the 3DS event site to that are the problem here as well as how the disclosure was handled.



MeloMan said:

People really have too much time on their hands. You'd rather go to jail for foolishness than do something constructive. Guess he won't be passing GO anytime soon...



Rm88 said:

This guy blackmailing Nintendo is not speculation, he actually did it. His first mail was "I found this security hole, fix it please. I should report you to the authorities, but I like your products so let's see if we can negotiate before I do that". The website was faulty, that's not Nintendo's fault since they didn't designed it, it's 8media who should be blamed.



Treetop said:

OMG Nintendo Spain INFO LEAK!
Stupid hacker luckily i dont connect to the Nintendo WFC if id did the info of my email would be stolen! Nitendo upgrade your surcurity



supermonkey117 said:

That's what will be done now treetop he's really just done Nintendo a favour and tested there security for them and his reward Nintendo went donkey Kong on his butt what an epic fail. Nintendo doesn't cover up these problems witch i cant say for Sony's playstation Network.



PokemonMasterDarknes said:

What an idiot! So he just woke up in the morning and thought:

"I'm going to attack Nintendo, one of the biggest brands in the world! That's an awesome idea!"

Wrong dude.



GeminiSaint said:

Again... It didn't happen like that, nobody was sent to jail, nobody's data was actually leaked, the guy wasn't a hacker, the worst that could happen to him is to be fined, and even that is unlikely: the likely thing to happen is that the case will be dismissed.
Nobody bothers to check news stories' accuracy anymore?

Leave A Comment

Hold on there, you need to login to post a comment...