Nintendo confirms 300,000 accounts breached since April, nearly twice as many as first reported

The company recommends users change their passwords and enable two-factor authentication

Adam Smith
Wednesday 10 June 2020 12:01 EDT
Comments
(Getty Images)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Nintendo has confirmed that hackers breached 300,000 accounts since April.

Hackers had access to personal information including users' birthdays and email addresses, but did not have access to credit card information.

Nintendo reported unauthorised logins on 24 April, where it was thought that approximately 160,000 accounts had been accessed by malicious actors, the company wrote in a Japanese language blog post.

The company now understands that the breach was nearly twice as large, with passwords “obtained illegally by some means other than our service”.

It is resetting user passwords for affected account as well as disabling the option to log into a Nintendo account through a Nintendo Network ID (NNID).

Older accounts could be used to log into 3DS and Wii U consoles, while the Switch uses a new system which can be linked to older accounts.

However, that linking process has been ended in order to stop further purchases being made.

Individuals with unauthorised access to Nintendo accounts could have made purchases through the Nintendo eShop either using virtual coins or via a linked PayPal account.

Some users have seen their accounts used to buy Fortnite VBucks (an in-game currency) which can be worth up to £100, Eurogamer reported.

Nintendo recommends that all users enable two-factor authentication. This is when users are required use another device, such as their mobile phone, in order to log into accounts.

It also suggests not using a password that you have previously used, or one that is used to log into other accounts.

The company said users should investigate incidents and take necessary action, such as cancelling payments and contacting Nintendo about fraudulent purchases.

“We sincerely apologise for any inconvenience caused and concern to our customers and related parties,” Nintendo said. “In the future, we will make further efforts to strengthen security and ensure safety so that similar events do not occur.”

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in