Increase in Unauthorized Access to Nintendo Accounts
Reports of unauthorized access to Nintendo accounts increased over the weekend. Several users replied to threads on Twitter, Reddit and Resetera. In their posts they revealed that their accounts had also been hacked. It seems that third parties have logged in to other users accounts from locations around the globe, such as Russia, Indonesia, Poland, the US and China.
Credit Card Details Used to Buy Digital Goods
To make things worse, it appears that third parties are also using linked credit card and PayPal details. Some users reported that they had lost from $100 to $300. With this money, the criminals have bought Nintendo games and Fortnite V-Bucks. Every person affected seems to have their payment details linked to their Nintendo account, but some don’t even have Fortnite installed. So, some alarm bells should have gone off straight away.
Nintendo is Investigating the Situation
Nintendo has acknowledged the situation and has started an investigation. How the accounts are getting hacked is currently unknown. The source does not seem to be a data breach, as was the case with the recent Webkinz leak. However, even users with unique and strong passwords and persons using password managers are reporting unauthorized logins. This suggests that something serious might be going on, other than simple credential stuffing or brute-force attacks.
Enable Two-Factor Authentication
If you have a Nintendo account you can check the sign-in history to see if anyone else has accessed your account. You can do this by logging into your account and selecting “Sign-in and Security Settings”. Just in case, you can also log off all your devices, change your password and then log back in. Furthermore, Nintendo advises users to enable two-factor authentication. You can find detailed instructions on how to set-up 2-step verification for a Nintendo account on the Nintendo support page.