A recent hack to Nintendo rendered their users with compromised accounts and with the former leaving users with unauthorized purchases.
Nintendo originally confirmed the case back in April 24, 2020 via a press release where it claimed that at least 160,000 accounts had been illegally accessed.
The said press release can be viewed directly from Nintendo’s Japanese website.
Western audiences who are keen on reading the said press release may be able to do so via a Chrome-based web browser with English translation enabled.
Looks like I fell victim the series of account hacks hitting Nintendo accounts. Someone charged $99 to my PayPal account to buy V-Bucks for in Fortnite (not my account).
This happened today, but @NintendoAmerica support is closed. Very frustrating. https://t.co/PY6ch8pH5r
— Sean Buckley 🍹 (@seaniccus) April 27, 2020
Trails of the Incident
Users who had been subject to the hacking incident received an email warning them that there is an access to their accounts using an unidentified IP address.
The issue started as early as the onset of April.
Users are subsequently told not to be able to log into their accounts via the Nintendo Network ID (NNID).
In response to recent incidents related to some Nintendo Accounts, it is no longer possible to sign into a Nintendo Account using a Nintendo Network ID. We apologise for any inconvenience caused. Please visit our Support website for more information: https://t.co/NWyXLiS1wR
— Nintendo of Europe (@NintendoEurope) April 24, 2020
Despite concerns of compromising user information on payment details, Nintendo assures its customers of the information’s safety.
Instead, only less sensitive data such as nickname, birth date, and email addresses were exposed.
In addition, those affected with the hack also got fraudulent charges with their accounts.
Not a Server Breach
Although initial suspicion is strong that the illicit access of accounts may have occurred through server breaches, Nintendo denies the rumor.
However, it did not reveal how the transgression took place. That is, for fear that it might only give others the idea on how to exploit the system’s weakness.
In light of the hacking incident, individuals shared their concerns on Twitter, typically regarding the issue of illicit purchases. The amount charged to each account varies from one to the next. However, the recorded value is taken ranges between $99 and $300.
I get home from work and during the drive home my Nintendo account was hacked and they spent 300 dollars on fortnite… ;-; I need a hug
— Coach Beefcake (714k) (@WerewolfCoach) April 17, 2020
Looking into the comments, it appears that the alleged hacker had a fascination for Fortnite. Following the expenditures with the account led to the game.
Other times, the purchases were made for Nintendo games.
https://twitter.com/Vexonym/status/1252000090652360704
Needs Consumer Participation
Inundated with the number of people affected by the incident, Nintendo is encouraging everyone to review their account’s purchase history.
Specifically, with the intent of spotting anything suspicious that needs to be reported.
As of writing, players will not be able to log into their eShop account using the Nintendo Network ID.
Meantime, Nintendo is suggesting that users enable 2-factor authentication in their account to prevent future similar cases from happening.
Users may be able to do so by logging their account into Nintendo’s web portal and enabling 2FA via the Security page.
Image used courtesy of Pixabay/TheDigitalArtist