Nintendo acknowledged on Friday that it suffered a major privacy breach, with the accounts of up to 160,000 people having been accessed. The breach began in early April, and linked to its Nintendo Network ID login system, the company said on its Japanese support site.

It warned that impacted players’ nicknames, dates of birth, regions and email addresses may have been viewed by a third party, and that unauthorized digital purchases could’ve been made in Nintendo’s eShop. However, it noted that no credit card information was stolen.

Prior to Nintendo’s statement, players were complaining on social media that hackers were spending hundreds of dollars on Fortnite currency and other digital goods, as reported on Prosyscom Tech.

Nintendo users took to social media to complain that hackers were accessing their Nintendo accounts and then abusing attached payment card info to buy Fortnite currency and other Nintendo games.

The company disabled the ability to log in using your Nintendo Network ID, and the passwords of impacted accounts will be reset. People whose accounts were breached will be notified via email, and Nintendo recommends you set up two-step verification for your account if you haven’t already.

“We sincerely apologize for any inconvenience caused and concern to our customers and related parties,” Nintendo said on its Japanese site. “In the future, we will make further efforts to strengthen security and ensure safety so that similar events do not occur.”

The company didn’t immediately respond to a request for further comment.