In April, the gaming industry was surprised when Nintendo announced that its system was breached by hackers, who then accessed personal information from its subscribers. Shortly thereafter, a spokesperson from the Japanese gaming company issued a statement that around 160,000 user accounts were compromised by the attack. It then disabled the use of its Nintendo Network ID (NNID), which was used on older systems such as the 3DS and Wii U. However, a new update supposedly confirms that about 300,000 have actually been affected.
Investigations are still ongoing, which led the team to discover that even more accounts were involved. This was communicated via their official website and users were apparently assured that enhanced security measures were in place to handle the situation. Moreover, those who reported fraudulent purchases will be issued refunds, which Nintendo claims is almost complete.
Among the information that was likely stolen by hackers were user's email addresses, country, nicknames, and date of birth. CNN reports that Nintendo wants gamers to know that credit card information was not included in the breach. Nevertheless, those who notice any unauthorised transactions on their purchase history should report it immediately in order to request a refund.
According to Nintendo, "we sincerely apologize to our customers and related parties for any inconvenience and concern. In the future, we will make further efforts to strengthen security and ensure safety so that similar events do not occur." It seems that only those who were still using their NNID were hacked, while those who have registered via the new Nintendo Account system were unaffected.
Based on their findings, even though the credit card information was protected, it did not stop hackers from purchasing items via the payment services linked to the accounts. Most of the users complained about missing funds. Another observation shows that "Fortnite" virtual currency was one of the items being bought by the cybercriminals.
For additional safety, Nintendo recommends that users change their passwords and to enable two-factor authentication on their accounts. A few years back, a similar incident also happened to Sony when hackers targeted PlayStation Network accounts of an estimated 77 million users whose personal information were stolen.