NVIDIA Confirms GeForce NOW Security Incident, Says Core Platform Not Affected

NVIDIA has confirmed a security incident affecting its cloud gaming ecosystem, following claims by the ShinyHunters group. Initial reports pointed to a potential breach of the GeForce NOW platform, but the company clarified that its own infrastructure remains secure.

According to findings highlighted by The Cybersec Guru and later confirmed via reporting from VideoCardz, the incident involves a third-party Alliance partner rather than NVIDIA’s global systems.

Incident limited to the Armenian GeForce NOW partner

NVIDIA stated that the breach affects a regional provider operating under its Alliance partner program. The impacted service, known as GFN.am, runs localized GeForce NOW infrastructure in Armenia and manages its own user data.

The company emphasized that the issue does not extend to NVIDIA-operated servers or global GeForce NOW accounts. This significantly narrows the scope of the incident compared to early speculation.

Potential exposure of regional user data

While full technical details remain undisclosed, reports suggest that some user records tied to the Armenian service may have been accessed. The exact type of data exposed has not been publicly confirmed.

Only users registered through the Armenian partner appear to be at risk. NVIDIA indicated that affected individuals will receive direct notifications from the regional provider.

Why third-party partners matter in GeForce NOW

GeForce NOW operates through a hybrid model. NVIDIA runs its core global infrastructure, while certified Alliance partners deliver localized services in specific regions.

These partners handle their own systems, including user databases and regional operations. As a result, security incidents at the partner level do not necessarily impact the broader platform.

What users should do now

Users connected to the Armenian GeForce NOW service should stay alert for suspicious activity. Phishing attempts using NVIDIA or GeForce NOW branding may increase following the incident.

It is recommended to avoid clicking unknown links, verify communications carefully, and update account passwords if they were used on the affected service.

NVIDIA response and ongoing investigation

NVIDIA confirmed it is working closely with the impacted partner to investigate the breach and contain any damage. The company moved quickly to clarify the limited scope, aiming to prevent confusion about a wider compromise.

At this stage, there is no indication of a systemic breach affecting NVIDIA’s global infrastructure.

Broader implications for cloud platforms

The incident highlights a recurring risk in distributed cloud services. Even when core systems remain secure, third-party providers can introduce vulnerabilities that affect localized users.

For global users, the situation appears contained. For regional providers, it reinforces the need for stricter security controls and oversight.

In separate developments, comunity released the OpenNOW desktop app for GeForce NOW, expanding access options for users. The company also rolled out the DLSS 4.5 Streamline SDK and introduced a new GeForce RTX 5070 laptop GPU featuring 12GB of GDDR7 memory.