Back in April, Nintendo reveal that around 160,000 Nintendo accounts had been targeted in a spate of unauthorized login attempts. Nintendo’s own statement on the matter followed numerous reports from users themselves, and it seemed that most of the affected accounts had an older Nintendo Network ID linked to it. As a result, Nintendo stopped allowing users to log into their Nintendo accounts using their Nintendo Network IDs.
Today, however, we’re learning that this wave of unauthorized logins was worse than originally anticipated. In an update to the original support page detailing the issue, Nintendo says that after further investigation, it’s discovered approximately 140,000 additional accounts that were maliciously targeted.
That, if you’re not keeping track, brings the total number of affected accounts up to 300,000, nearly double the amount Nintendo initially reported. It seems that the hackers gained access to these accounts the same way – by using linked Nintendo Network IDs, which were used with the 3DS and the Wii U – so as a result, Nintendo has reset the passwords to both the affected Nintendo accounts and the NNIDs that were linked to them.
Furthermore, Nintendo says that less than 1% of the compromised accounts were used to make unauthorized purchases, but in the cases of those that were, the company is currently in the process of refunding the fraudulent charges. Nintendo says this process has already finished for most customers, so it sounds like it won’t be much longer before everyone has been refunded.
If you haven’t already, now seems like a really good time to turn on two-factor authentication for your Nintendo account. When these bogus logins were first reported in April, we published a guide on how to do just that, so if you’re looking to beef up your Nintendo account security, that’s a good place to start.