If you have a Nintendo account, it might be a good time to change passwords or add a two-step verification process. Nintendo has confirmed on their Japanese website that around 160,000 Nintendo accounts have been hacked.
According to a report on Engadget, hackers found a way to exploit the companies Nintendo Network ID (NNID) legacy accounts to gain access to personal information like nicknames and birthdates as well as linked PayPal accounts. While hackers have used the PayPal accounts to make purchases, Nintendo has confirmed that credit card information was not disclosed.
The NNID was the Nintendo account system used primarily on the Wii U and 3DS. Users would create their accounts on the consoles themselves, likely meaning that passwords weren’t as complex or protected as they would be when creating a Nintendo account online as we do now for the Switch. These NNID accounts were linked to the new account system, meaning that hackers could still access the newer account information even as people no longer create or use NNIDs.
In a move to secure all accounts, Nintendo has discontinued the ability to sign into Nintendo accounts using NNIDs. Additionally, anyone whose account was hacked will receive an email with the information of the hacked sign-in. All purchases made through the hacking will be refunded as well.
Nintendo has advised its users to enable two-factor authentication (2FA) on their accounts. This may be good practice in general for users to secure their accounts and information.