×
Cookies help us deliver our Services. By using our Services, you agree to our use of cookies. Learn More.

Nintendo's account breach was worse than we thought

Someone has been hacking Nintendo accounts over the last few months, much to the chagrin of loyal Nintendo fans. A few months ago, it appeared as though the issue had been handled.

However, according to a post from Nintendo's Japanese customer support site (translation via Eurogamer), the problem was far from over. In fact, the hacking issues experienced by Nintendo were worse and more widespread than Nintendo or customers previously thought. Nintendo is reporting that the number of accounts compromised by hacking activities were around 300,000.

The reason this number is especially troubling is because it seems to continue a trend of Nintendo waiting to provide customers with straight answers regarding the hacks. While Nintendo says that it reset the passwords for the compromised accounts and contacted the affected account holders, it's worrisome to some users that a statement wasn't made sooner to all customers. 

Even after this latest announcement, some customers are expressing surprise at not having been properly informed. One fan on Twitter said they had been wondering why someone from Europe had continuously tried to access their account.

Back in April, Nintendo Switch owners began to notice a series of issues that seemed to be related to people hacking their personal Nintendo accounts. It seemed to all come together when Pixelpar, the founder of Nintendo fansite Lootpots, tweeted to his followers that he was pretty sure his account had been hacked multiple times. Multiple people then came forward with similar stories, with some claiming that outside parties had used their Nintendo accounts to make in-game purchases. 

Adding to the suspicion was the fact that Nintendo's Twitter accounts had tweeted a reminder to users that they needed to set up two-factor authentication to protect their accounts. It wasn't until Pixelpar's story was picked up by several news outlets that Nintendo seemingly decided to make an announcement specifically regarding the hacks.

At the time, Nintendo issued a statement confirming that some illegal activity had occurred and that the company was investigating it. It seemed as though the hackers were using some kind of software that masked their VPNs, because some users were reporting multiple login attempts a day from entirely different parts of the world. The same hackers appeared to be working from locations in the United States, Thailand, and other areas. This possibly accounted for why Nintendo was having such a difficult time hunting down the culprits. 

What Nintendo could confirm around that time was that around 160,000 accounts had been compromised over the course of the hacks. While Nintendo continued to investigate the situation, the company once again urged users to change their passwords and to activate two-step verification to protect their identities. Nintendo also didn't want to comment on how the attacks were possible, because it did not want other hackers to take advantage of the same gaps in security.

However, with this latest number, we now know that nearly twice as many accounts were compromised than was previously reported. 

In light of this discovery, Eurogamer reached out to Nintendo, which provided this response: "While there is no evidence that Nintendo's databases, servers or services were breached, and while we can confirm that no credit card information was compromised, we took precautionary measures to help safeguard our customers. We discontinued the ability to use a Nintendo Network ID to sign in to a Nintendo Account, and we reached out to all customers whose accounts we had reason to believe were accessed without authorisation to help them take additional steps to protect themselves."

Though it is true that no credit card information was compromised, some of the hackers were still able to use accounts that were linked to a credit card or bank account to make purchases. One customer complained that their account had been used to purchase in-game currency in Fortnite

Hacking continues to be a major issue in modern gaming. Red Dead Online is infested with hackers, some of whom have taken to unleashing bizarre creations onto unsuspecting players. Grand Theft Auto Online was recently swarmed with hackers when the Epic Games Store gave away Grand Theft Auto 5 for free. Meanwhile, Riot Games is taking an interesting initiative against hackers by offering to pay out $100,000 to anyone who can crack the anti-cheat software in their new game, Valorant.

It is still unknown how the hackers were able to get into so many different accounts and how they are still evading detection. Luckily, it appears as though Nintendo is on top of this and has rooted out the exact problem. The next step appears to be making sure that every customer is more aware of the issue.