Earlier this week, we heard reports of Nintendo Switch owners dealing with unauthorized login attempts with their Nintendo accounts. Today, Nintendo broke its silence on the matter, issuing an alert in which it confirmed that around 160,000 accounts have been impacted in this spate of unauthorized logins. With that in mind, Nintendo is changing the way Nintendo account logins work.
According to an article on Nintendo’s Japanese support site, it seems that these rogue logins had something to do with Nintendo Network IDs. Before the Nintendo account came along with the arrival of the Switch, Nintendo Network IDs were used for devices like the 3DS and Wii U. Switch users could still log into their Nintendo account using their NNIDs assuming the two were linked, but moving forward, Nintendo will disable that functionality.
Nintendo says that it will reset passwords for Nintendo accounts and NNIDs that were affected by this. It will notify those whose accounts were accessed, and the next time those users log into their Nintendo accounts, they’ll be prompted to change their passwords. The standard rules of creating a strong password are in effect here: Don’t use passwords that are already in use for other log ins, use a password manager if you can, and turn on two-factor authentication to keep your account more secure.
While Nintendo says that credit card information wasn’t directly viewable, stored payment information could have been used to make unauthorized purchases. Nintendo says that users should examine their purchase history to make sure everything is on the up-and-up, and if they discover purchases that shouldn’t be there, they should reach out to Nintendo to cancel them.
So, it seems that Nintendo is working to address this issue, but 160,000 accounts suffering from unauthorized logins is still pretty severe. Here’s hoping Nintendo has sorted out the issues with the Nintendo Network IDs and Nintendo accounts so this doesn’t happen again, but really, if you’ve got a Nintendo account and you don’t have two-factor authentication turned on, it’s time to change that