Nintendo, the Japanese gaming company responsible for the Switch and Animal Crossing, has released a statement confirming that 300,000 Nintendo accounts have been hacked. The company admitted that hackers have gained access to personal information such as birthdays and email addresses but not credit card details.
An initial breach affecting 160,000 accounts occurred in April this year, while another 140,000 hacked accounts have since been discovered. The hackers started with Nintendo Network IDs which is used for Wii U and Nintendo 3DS devices, and then began breaching Nintendo Accounts, which is used for the Nintendo Switch and can be used for purchases at the company’s official online store.
In a statement, Nintendo said, “We deeply apologise for causing trouble and worries to customers,” pledging to “enhance security … to prevent this happening again”. Nintendo also said that fraudulent purchases from hacked Nintendo Accounts represented only a fraction of total sales, and promised to reimburse victims if it had not already done so.
Our concern with these breaches lies not only with the compromised accounts (like being charged for fraudulent purchases), but also how the personal information stolen can be used to perpetrate other cyber-crimes like identity theft and social engineering to hack into more important online accounts (say, banking accounts).
If you have a Nintendo account, it won’t hurt to check your purchase history for any unauthorized transactions, and if there are any, to request a refund. Consider changing your password and enhancing your security settings as well.