• News

Nintendo discloses about 160,000 Switch accounts may have been compromised

In a somewhat startling new detail in the recent Switch security debacle, Nintendo stated that around 160,000 accounts may have seen unauthorized access.

TJ Denzer

April 24, 2020 8:00 AM

1

It was just recently that Nintendo brought up and stressed use of two-factor authentication for logins on the Nintendo Switch console - a move which raised some eyebrows. Why now? Well, it seems a wave of illicit logins and unauthorized activity has hit the console’s player community. Nintendo just shared that somewhere around 160,000 Nintendo Switch accounts may have experienced unauthorized logins.

This fact was revealed in in a security report on the Japanese Nintendo Support website on April 24, 2020. Reportedly, the weak point in the system was Nintendo Network IDs (NNID). Nintendo revealed that around 160,000 Switch accounts had seen unauthorized logins via NNIDs. As a direct result, Nintendo has abolished Switch account logins via NNIDs for the foreseeable future. This came along with messaging that affected customers would be emailed to change passwords and that customers logged in via their NNID should instead login via their Nintendo Account email. These and further details to secure your account may be found in the security report linked above.

Nintendo confirms that ~160.000 accounts that use a Nintendo Network ID to login into their Nintendo Account were affected by recent hacking attempts

NNID login has been deactivated now and passwords will be reset for accounts that have been affected

2FA is highly recommended https://t.co/IfxRGJRLNR

— Nibel (@Nibellion) April 24, 2020

This comes on top of the fact that Nintendo has been investigating a growing trend of unauthorized logins and purchases on the Switch system. It would appear that many owners were seeing purchases made via logged credit cards on Nintendo accounts to purchase items like Fortnite VBucks and other such easy-to-access or transfer items. With the NNID observed as a core part of the issue, Nintendo is already taking steps to shut down one end of the wave of illicit access to Nintendo and Switch accounts.

As reported by Eurogamer, it's worth noting that in an English statement from Nintendo, it mentioned that the breach wasn't in Nintendo's own databases, but rather through different breaching different websites to access login data for a seperate service (a tactic known as credential stuffing). It also comes as a reminder to vary your password through different services and/or change it from time to time on particularly important ones. Thanks Masem.

Nintendo also mentioned two-factor authentication once more as a means of extra security for stopping unauthorized access to accounts. Don’t know how to set this up on your console? No worries. Be sure to check out our guide to setting up two-factor authentication on your Nintendo Switch and be extra safe. Stay tuned as we continue to follow this story for further news and information from Nintendo.

TJ Denzer

Senior News Editor

TJ Denzer is a player and writer with a passion for games that has dominated a lifetime. He found his way to the Shacknews roster in late 2019 and has worked his way to Senior News Editor since. Between news coverage, he also aides notably in livestream projects like the indie game-focused Indie-licious, the Shacknews Stimulus Games, and the Shacknews Dump. You can reach him at tj.denzer@shacknews.com and also find him on Twitter @JohnnyChugs.