Recently, an increased number of Nintendo users have reported that their accounts were being hacked. Nintendo acknowledged the growing amount of complaints and said they were “investigating the situation.” The company has now taken to their Japanese website to confirm that hackers have been accessing user accounts via a breach in the Nintendo Network ID (NNID) login method. Nintendo estimates around 160,000 NNID’s have been potentially affected. Hackers were able to acquire login information and make unauthorized purchases from their victim’s accounts.
Nintendo assures that actual credit card information was not compromised in the hacking despite these unauthorized purchases. However, any email addresses, date of birth, and country/region linked to a user’s NNID were all at risk. NNID’s originate from the 3DS and Wii U era, but Switch users can still use these legacy accounts to log in. Due to the hacking, the company has now done away with NNID logins for newer Nintendo Accounts. Accounts that appear to have been affected will see automatic password resets for their account.
Nintendo UK released a statement on the situation urging users to enable two-step verification and take extra precautions. They chose to be coy about the exact methods utilized by hackers to gain account access to avoid further attempts. They did, however, reassure users that the situation is not widespread, saying “there is currently no evidence pointing towards a breach of Nintendo’s databases, servers or services.” If a user discovers any unauthorized purchases in their account, the company encourages them to request a cancellation. Nintendo UK provides a Nintendo Account recovery process link for users who believe their account was compromised.
It’s still unclear where exactly the source is for the NNID login information. The company says the source is something “other than our service.” They are continuing to investigate the issue.