Nintendo officially confirmed today that hackers got unauthorized access to almost 160,000 user accounts from the start of the month. From last week onwards, lots of people started complaining about hackers using customer’s payment card info to purchase other stuff and Nintendo games.
A good number of Nintendo account holders confirmed that they were having a tight and unique password that is hard to guess. They also further confirmed that the passwords were not leaked anywhere online before.
Now that the company has officially confirmed that the hackers made use of the NNID integration to gain access to hundreds of thousands of Nintendo accounts.
For starters, NNID is Nintendo Network ID. NNID is a legacy login system that is used to managed manage old Wii u or Nintendo 3DS platforms.
Newer Nintendo device users could link their old NNID accounts to the new Nintendo profile. This integration was exploited by hackers to get into the account of users. Nintendo hasn’t specified how exactly the hackers exploited the NNID integration.
After getting into the user’s account, hackers used the added payment method to purchase Fornite currency and other Nintendo games.
Account information like Nintendo nicknames, date of birth, country, region, email addresses is leaked by hackers.
Nintendo started prompting the password reset. Impacted users will receive a new prompt to reset the password of their account. The prompt will appear both on the Nintendo profile as well as NNID accounts. Users are advised to set two different passwords for NNID accounts and main Nintendo profiles.
“We sincerely apologize for any inconvenience caused and concern to our customers and related parties. In the future, we will make further efforts to strengthen security and ensure safety so that similar events do not occur,” said the company said. “”
Nintendo also recommends other users to change their password and set a new unique password.