As a first step, Nintendo announced in April that 160,000 accounts had been hacked. In reality, that’s almost double.
On social networks, testimonials from Nintendo game users worried that suspicious purchases were being charged to their accounts. As a first step, the Japanese brand advised users to enable dual authentication on their accounts. And on April 24th, the video game giant acknowledged a security flaw and the hacking of 160,000 accounts. But today, the group reveals that it is actually 300,000 accounts that have been hacked.
According to Nintendo, personal data (email address, date of birth…) may have been registered by the hackers. On the other hand, no bank data could be accessed. Only people who had linked a means of payment to their Nintendo account could be victims of unauthorised purchases.
“We’re deeply sorry.
The cybercriminals broke into the Nintendo Network ID system, which allows players to manage their accounts for the older Wii U and Nintendo 3DS systems, to reach Nintendo Accounts, the system used by players to make purchases from the group’s online shop.
However, according to the company, less than 1% of the 300,000 accounts, including Fortnite’s players, have experienced fraudulent purchases in recent months. It assures that most users have already received refunds.
“We are deeply sorry for the inconvenience and concern caused to those involved. We will strive to improve security to ensure that this does not happen again,” said Nintendo in a statement. To close the loophole, Nintendo has reset the passwords of all accounts that may have been affected.