Nival, an independent game developer focused on strategy games, is associated with a 2016 leak indexed by leaksear.ch at 2,575,282 records, with the breach date listed as February 29, 2016 (leaksear.ch metadata, nival.com). Have I Been Pwned describes the incident as a February 2016 attack against Nival that impacted more than 1.5 million accounts (haveibeenpwned.com).
What happened
Have I Been Pwned says Nival was targeted in an attack in February 2016 and was one of several Russian sites affected. HIBP also states the attack was allegedly tied to protest activity around Russian foreign policy regarding Ukraine, but leaksear.ch metadata does not independently confirm motive or attribution (haveibeenpwned.com).
The technical exposure method is not confirmed in the supplied metadata or in the public HIBP entry. Publicly supported facts are limited to the reported attack, the affected organization, the exposed data categories, and the account or record counts reported by HIBP and leaksear.ch metadata.
What data was exposed
The leaksear.ch index identifies email, username, name, and date of birth as searchable fields for this leak (leaksear.ch metadata). Other stored record context includes gender, locale or spoken language, avatar or photo references, social network identifiers, token fields, forum identifiers, registration data, login and logout timestamps, billing status, and website activity fields (leaksear.ch metadata).
HIBP's public breach page lists avatars, dates of birth, email addresses, genders, names, spoken languages, usernames, and website activity as compromised data categories (haveibeenpwned.com). The reviewed metadata and public HIBP page do not list plaintext passwords or payment card numbers for this breach.
Why this matters
Email addresses, usernames, real names, and dates of birth give attackers stronger material for phishing, account recovery abuse, and identity correlation across gaming, forum, and social platforms. Social identifiers and token fields raise additional concern because they may help connect a game account to external profiles or historical sign-in flows. Activity and locale data can also make phishing lures more credible for affected users. Anyone who used Nival services around 2016 should check whether their email, username, name, or date of birth appears in this leak.
Check your exposure
Vetted researchers and incident-response teams can request access or sign in if they already have access to check this dataset. Searchable pivots for this leak include date of birth, email, name, and username.