Game company Nintendo has officially confirmed that there were some accounts that were illegally accessed by some unknown source.
Nintendo gives statement
The game company confirmed recently that there are up to 160,000 accounts that were illegally accessed in a privacy breach. For those who were affected by the breach, personal data might be viewable by someone else like the nickname, email, date of birth, gender, and more.
The Japanese website gave a statement that it was confirmed that the issue started on its own Nintendo Network ID log-in system. This is one of the many methods to log into an account. The gaming company has now disabled this system and has reset the NNID passwords.
The gaming company now advises its account holders to use a different password for the NNID and Nintendo account. After that set up the two-factor authentication method.
No servers accessed
In a follow up statement, Nintendo revealed that there was no evidence to suggest that its own databases, servers, or services have been accessed. This suggested that the log-in data that was used to access the accounts were acquired somewhere else. The company will not give more details about the attack in order to protect its clients.
Here is Nintendo’s full statement:
Important Notice
We would like to provide an update on the recent incidents of unauthorised access to some Nintendo Accounts.
While we continue to investigate, we would like to reassure users that there is currently no evidence pointing towards a breach of Nintendo’s databases, servers or services. As one action in our ongoing investigation, we are discontinuing the ability to use a Nintendo Network ID to sign in to a Nintendo Account. All other options to sign-in to a Nintendo Account remain available.
As a further precaution, we will soon contact users about resetting passwords for Nintendo Network IDs and Nintendo Accounts that we have reason to believe were accessed without authorisation.
In addition, we also continue to strongly encourage users to enable two-step verification for their Nintendo Account as instructed here: How to set-up two-step verification for a Nintendo Account.
If any users become aware of unauthorised activity, we encourage them to take the steps outlined in the article about the Nintendo Account recovery process.
During the investigation, in order to deter further attempts of unauthorised sign-ins, we will not reveal more information about the methods employed to gain unauthorised access.
We apologise for the inconvenience and concerns caused to our customers, and we will continue working hard to safeguard the security of our users’ data.
Source: Eurogamer