NVIDIA Says GeForce NOW Breach Was Limited to Armenian Partner GFN.am

NVIDIA has confirmed that a GeForce NOW data breach affected users of GFN.am, an Armenia-based regional partner, not NVIDIA-operated services. The incident exposed personal information for some GFN.am users, but the company says account passwords were not compromised.

GFN.am disclosed the incident on May 5, 2026. According to the company’s notice, unauthorized access to its database occurred on March 9, 2026, and the breach was discovered on May 2, 2026.

The breach affects users who registered with GFN.am on or before March 9, 2026. Users who created accounts after that date are not affected, according to the company’s disclosure.

What happened

GFN.am said an unauthorized party accessed its database, which may have made some user data available to third parties. The company did not disclose the exact number of affected accounts.

NVIDIA told reporters that its own services were not affected. The company said the incident involved infrastructure operated by a regional partner and that it is working with that partner on the investigation.

The distinction matters. This was not described as a breach of NVIDIA’s global GeForce NOW infrastructure. It was a breach tied to GFN.am, the local service provider behind the affected GeForce NOW accounts.

At a glance

Item	Details
Affected service	GFN.am GeForce NOW partner platform
Parent brand involved	NVIDIA GeForce NOW
Reported breach date	March 9, 2026
Discovery date	May 2, 2026
Public disclosure date	May 5, 2026
Affected users	GFN.am users registered on or before March 9, 2026
Passwords exposed	No, according to GFN.am

What data may have been exposed

GFN.am said the exposed data may include email addresses, dates of birth, and GFN.am usernames. Some users may have had additional details exposed depending on how they registered or logged in.

Users who registered through a mobile operator may have had phone numbers exposed. Users who signed in through Google may have had their first and last names exposed.

The company said account passwords were not compromised. That lowers the immediate risk of direct account takeover, but the exposed data still creates phishing and social engineering risks.

Exposed data categories

Data type	Who it may affect
Email address	Affected GFN.am users
Date of birth	Affected GFN.am users
GFN.am username	Affected GFN.am users
Phone number	Users who registered through a mobile operator
First and last name	Users who authenticated through Google Sign-In
Password	Not exposed, according to GFN.am

Why users should still be careful

Even without passwords, this data can help attackers create convincing phishing messages. A message that includes a real name, username, phone number, or date of birth can look more trustworthy than a generic scam.

Attackers may also use the breach for targeted SMS scams, fake support messages, Google account phishing, payment renewal scams, or fake GeForce NOW account warnings.

Users should treat unexpected emails, calls, and text messages about GFN.am, GeForce NOW, subscription problems, account verification, refunds, or security checks with caution.

What GFN.am says it has done

GFN.am said it took steps to remove the root cause of the unauthorized access after discovering the incident. The company also said it added organizational and technical measures to strengthen its systems.

The public notice did not explain whether the breach involved stolen credentials, a software vulnerability, a misconfigured database, or another access path.

NVIDIA said impacted users will receive notifications from GFN.am. Users who had GFN.am accounts before March 9 should watch for direct communication from the service.

What affected users should do now

• Watch for phishing emails that mention GFN.am, GeForce NOW, NVIDIA, subscriptions, or account security.
• Do not click login links from unexpected emails or SMS messages.
• Open GFN.am and Google account pages manually from the browser instead of using message links.
• Enable multi-factor authentication on email and Google accounts.
• Review recent Google account activity if you used Google Sign-In with GFN.am.
• Be cautious with unexpected phone calls asking for codes, passwords, or payment details.
• Change reused passwords on other sites, even though GFN.am says passwords were not exposed.
• Report suspicious messages that claim to come from GFN.am or NVIDIA.

Why the breach is not the same as an NVIDIA-wide incident

Some early claims online framed the incident as a wider GeForce NOW breach. NVIDIA has pushed back on that framing and said its own operated services were not affected.

The confirmed incident centers on GFN.am. That makes the breach narrower than a compromise of NVIDIA’s main GeForce NOW platform, but still serious for users whose personal details were exposed.

Regional partners often operate local infrastructure, billing flows, or user services for cloud gaming platforms. If one partner system is breached, users of that partner can face risk even when the main vendor’s systems remain unaffected.

Summary

1. GFN.am disclosed a data breach on May 5, 2026.
2. NVIDIA said the incident affected a regional partner, not NVIDIA-operated services.
3. Users registered with GFN.am on or before March 9, 2026 may be affected.
4. Exposed data may include email addresses, usernames, dates of birth, phone numbers, and names in some cases.
5. Passwords were not compromised, according to GFN.am, but users should watch for phishing and social engineering attempts.

FAQ