#customer-data

Unauthorized access to Canadian Tire’s e-commerce database exposed over 38 million customer records, including encrypted passwords, emails, and partial payment data.

Source: SecurityWeek

NVIDIA has confirmed a data breach affecting GFN.AM, a regional Alliance partner operating GeForce NOW cloud gaming services in Armenia and surrounding territories. The breach, which occurred between March 20-26, 2026, was detected on May 2, 2026, and publicly disclosed on May 10, 2026. The incident exposed personal information of users registered with GFN.AM before March 9, 2026, including full names, email addresses, usernames, dates of birth, and two-factor authentication (2FA/TOTP) status.

Scope of the Breach

According to NVIDIA's official statement, the breach was limited to systems operated by GFN.AM and did not compromise NVIDIA's core infrastructure. However, the exact scope across the six other countries managed by GFN.AM remains unconfirmed. Affected users include those who registered for GeForce NOW services through the Armenian regional partner before March 9, 2026.

Exposed data includes:

- Full names - Email addresses - GFN.AM account usernames - Dates of birth - Membership status - 2FA and TOTP enrollment status

NVIDIA emphasized that account passwords were not compromised in this breach, reducing the immediate risk of account takeover attacks.

Attack Vector and Timeline

The unauthorized access to GFN.AM's internal database occurred over a six-day window in late March 2026. The breach went undetected for approximately six weeks, from March 26 to May 2, 2026. This delayed detection is consistent with broader industry trends, where the average dwell time (time between breach and detection) continues to exceed 200 days for many organizations.

While the specific attack vector has not been disclosed, regional partners like GFN.AM typically operate semi-autonomous infrastructure that connects to NVIDIA's central authentication and streaming services. This architecture creates potential security gaps if partner systems don't maintain equivalent security standards.

The ShinyHunters Connection

The threat actor known as ShinyHunters has claimed responsibility for stealing millions of user records during this period, including data from GFN.AM. This group has been running a broader "pay or leak" extortion campaign targeting major gaming and technology companies throughout April and May 2026.

ShinyHunters has previously been linked to breaches at:

- Canvas Learning Management System (275 million records, May 2026) - Rockstar Games (BigQuery data theft, May 2026) - Various third-party analytics platforms serving gaming companies

The group's modus operandi involves exfiltrating data and demanding ransom payments in exchange for deletion, with threats to publicly release the information if demands aren't met.

Risk Assessment for Affected Users

While passwords were not compromised, the exposed data creates several risks:

- Targeted Phishing: Attackers can craft highly personalized phishing emails using names, usernames, and knowledge of GeForce NOW subscription status. - Credential Stuffing: If users reused passwords across services, attackers may attempt to use the exposed email addresses with known password lists. - Social Engineering: Knowledge of 2FA status helps attackers tailor their attack strategies—targeting non-2FA users with account recovery attacks or 2FA users with SIM-swapping attempts. - Identity Correlation: Combined with other breached datasets, this information can be used to build comprehensive profiles for identity theft or fraud.

Broader Implications for Cloud Gaming

This incident highlights the security challenges inherent in cloud gaming's distributed partner model. Services like GeForce NOW rely on regional alliances to deliver low-latency streaming across global markets. Each partner operates infrastructure that must meet both local regulations and the parent company's security standards.

The GFN.AM breach demonstrates that even when the core platform (NVIDIA) maintains strong security, regional partners can become weak links. This creates a supply-chain risk that extends beyond traditional software dependencies to include operational partnerships.

Recommended Actions for Affected Users

If you registered with GFN.AM before March 9, 2026, NVIDIA and security experts recommend:

- Enable Two-Factor Authentication if not already active, especially given that 2FA status was exposed. - Monitor Email Accounts for suspicious messages, particularly those referencing GeForce NOW or NVIDIA services. - Use Unique Passwords across all gaming and technology services to prevent credential stuffing attacks. - Beware of Phishing attempting to impersonate NVIDIA, GFN.AM, or GeForce NOW support. - Check Credit Reports if date of birth exposure raises identity theft concerns in your jurisdiction.

Reflection

The GFN.AM breach is a textbook example of how regional partnership models can introduce security complexity. For NVIDIA, the challenge is balancing global expansion with consistent security oversight across diverse operational partners. For users, it's a reminder that cloud gaming services—like any online platform—carry inherent data risks.

The fact that passwords weren't compromised is a small victory, but the exposure of personal information and 2FA status still creates meaningful risk. As cloud gaming continues to grow, particularly in emerging markets, the industry must ensure that security standards scale with expansion—not just at the core, but across every node in the distribution network.

Magento 2 : set customer data in local store to load properly with varnish anywhere

Using pipeline deployment for Magento 2 Or using Magento commerce cloud, you need to make you code compatible with varnish cache. I have faced issue with customer session after setup varnish on server to load my required system defined and custom customer attributes.

Here is the fair solution to load customer data using Magento 2 local storage. Follow the steps given below and no issues more!!

cr…