2020 Nintendo data leak


In 2020, two sets of data from Japanese video game developer and publisher Nintendo were leaked via the anonymous imageboard website 4chan. The first leak, in April 2020, included source code for several of Nintendo's video game consoles, including the Wii. The second leak, in July 2020, included the source code for the Nintendo 64 and games including Super Mario 64 and Star Fox 64. These leaks are believed to have originated from a single 2-terabyte archive obtained by hackers in 2018, but only a small portion of this has been released as of July 2020.
The leaks are believed to have come either from companies contracted by Nintendo in the design of these consoles, or from individuals previously convicted of intrusion into Nintendo systems. Video game journalists have described the magnitude of the leaks as unprecedented and expect them to have significant ramifications on legal, emulation, and preservation grounds.

Background

is a Japanese video game developer and publisher that produces both software and hardware. Its hardware products include the handheld Game Boy and Nintendo DS families and home consoles such as the Nintendo Entertainment System, Super NES, Nintendo 64, GameCube, and Wii. Software Nintendo produces includes popular franchises such as Mario, The Legend of Zelda, and Pokémon. In terms of product development, Ethan Gach of Kotaku described Nintendo as "notoriously secretive". The company is known to be proactive to assure its intellectual property in both hardware and software is protected. In a notable case, Nintendo, with the assistance of the US Federal Bureau of Investigation, sought enforcement action against Ryan Hernandez, a hacker who infiltrated Nintendo's internal database to leak plans of what games and hardware Nintendo planned to announce for upcoming shows like the Electronic Entertainment Expo. In January 2020, Hernandez pled guilty to stealing the information from Nintendo.
Beginning in April 2020, a massive trove of stolen data from Nintendo's confidential servers was leaked by hackers via the anonymous imageboard website 4chan. The leaks began to gain significant traction in early May, when source code for Nintendo's consoles appeared online. Because the material included the leaks include specifications around the Wii, one possible source of the leaks was the company BroadOn, which Nintendo had contracted to help design the console. Another possible source was Zammis Clark, a Malwarebytes employee and hacker who had plead guilty to infiltrating Microsoft and Nintendo's servers between March and May 2018 and was sentenced to 15 months in prison in 2019. An anonymous source told journalist Jeremy Kirk of Bank Info Security that Clark sent what he stole to acquaintances, who began to leak the information on 4chan. According to Kirk, Nintendo likely knew the material would eventually be leaked.
The second set of leaked data appeared in late July 2020, containing several gigabytes of data. Journalists and Nintendo fans dubbed this leak the "Gigaleak". The leak comprised information about the Super Nintendo Entertainment System and Nintendo 64 consoles and their games, including prototypes and data related to Star Fox and Star Fox 2, whose veracity was confirmed by Nintendo programmer Dylan Cuthbert. The leak also contained personal files, leading to concerns about privacy depending on how the information was shared.

Contents

The leaked data is estimated to be over two terabytes, though only three gigabytes have been released as of May 4. The oldest material dates to the 1990s. The leaks include:
Source code has been leaked from the following games:

Super NES

In addition to source code, the July 2020 leak included a number of video game prototypes, as well as cut content. A prototype of Yoshi's Island that does not feature Yoshi as the protagonist was uncovered; its title, Super Donkey, suggests it may have been considered as a new Donkey Kong game before being repurposed for Yoshi. Early sprites from various games, including Pilotwings when it was known as Dragonfly, were also discovered.
Among the most notable revelations was the discovery of an official 3D model of Luigi for Super Mario 64, corroborating developer interviewers at the time of the game's release that they had intended to include Luigi as a second co-operative character but had to cut this feature. Another major discovery was level maps intended for an unreleased 64DD expansion pack for The Legend of Zelda: Ocarina of Time.

Commentary

s noted the magnitude of the leaks and labeled them significant and unprecedented. Journalist Alex Donaldson described the leak as "of biblical, rarely heard of proportions", while Lucas White of Siliconera wrote that the leak "could be one of the biggest leaks in the medium's history."

Ramifications

Because the source code of various Nintendo consoles was leaked, journalists have discussed the ramifications that the leak could have. Gach wrote that the leaked information "would be of great interest to emulation enthusiasts, data miners, and anyone curious about" Nintendo's history. The information could be used to enhance the accuracy of Nintendo console emulators or create clone systems that function identically to the original hardware. Such actions, however, would be illegal, and developers who commit them could face prosecution from Nintendo. For instance, the developers of Dolphin, a GameCube and Wii emulator, stated that using any of the leaked source code would lead to the Dolphin project's immediate shutdown. Nonetheless, the financial effects of the leak on Nintendo are expected to be minimal, as the leaked material is over a decade old.
White and Sam Chandler of Shacknews suggested that the leaks would be important for video game preservation efforts. Some preservationists that have looked at the data commented on the meticulous nature that Nintendo used to save its past work, an effort that they wished other video game companies used similar methods as it would greatly assist preservation efforts. However, these preservationists raised moral and ethical questions if they could use the data from the 2020 leaks in a legal manner without knowing their source and legitimacy. Andrew Webster of The Verge found this situation similar to the 2014 Sony Pictures hack, in which "all kinds of salacious internal details" about Sony Pictures were illegally released.