If you’ve recently had an unauthorized purchase or two on your Nintendo Account you are not alone. Nintendo confirmed on their Japanese website earlier today that over 160,000 accounts have been compromised.
It would appear hackers found a way to access user and password date for Nintendo’s older Nintendo Network IDs (NNID), which was the system widely used for the 3DS and Wii U. The Nintendo Switch uses a more general Nintendo Account, but users could link the two and use their NNID to login to their Nintendo Account.
Due to the NNIDs being compromised Nintendo has removed the NNID logins from Nintendo Accounts. Linked accounts that appear to have been hacked will receive an automatic password reset. The company went on to say that users who used the same password for both their NNID and Nintendo Account were targeted, and that you should request a cancellation for any purchase on your account you didn’t make. Nintendo has also advised users to enable two-factor authentication to help avoid any future hacks.
According to Nintendo UK, the company doesn’t believe there has been a breach in their security, so it’s anyone’s guess as to how the hackers obtained the NNID data that they did. Nintendo did confirm that affected users shouldn’t worry about their credit card information, as the hackers only had access to users’ nicknames, dates of birth, countries, genders, and email addresses. You know, the little things.
If you are concerned whether you were impacted by this or not log into your Nintendo Account and check your purchase history. If you see anything you know you didn’t buy reset your password and request a cancellation.