Around 160,000 Nintendo accounts comprised in data beach Nintendo confirms breach following investigation into reports of unaurthourised third-parties accessing user accounts

Haydn Taylor Senior Staff Writer Friday 24th April 2020 Share this article Share

Companies in this article Nintendo

Update, April 24, 2020: Nintendo Japan today confirmed that around 160,000 users accounts have been illegally accessed by third-parties.

While no credit card information was exposed, affected users had their nickname, email address, date of birth, gender, and country data exposed.

Nintendo said there is currently no evidence of a breach to its databases, servers or services, but an investigation is still on-going.

As a precautionary measure, users will no longer be able to login using their Nintendo Network ID; all other sign-in options will remain available.

Nintendo will also be contacting affected users, advising them to reset their passwords and set-up two-factor authentication.

"During the investigation, in order to deter further attempts of unauthorised sign-ins, we will not reveal more information about the methods employed to gain unauthorised access," said the company in a statement.

"We apologise for the inconvenience and concerns caused to our customers, and we will continue working hard to safeguard the security of our users' data."

Original story, April 21, 2020: Nintendo is investigating a potential security breach after dozens of users reported unauthorised login attempts to their accounts.

Earlier this week, Nintendo advised users to activate two-factor authentication following a spate of third-party logins.

The issue was first highlighted by Twitter user Pixelpar, and was met with over 50 responses from people with similar concerns.

"We are aware of reports of unauthorized access to some Nintendo Accounts and we are investigating the situation," a Nintendo spokesperson told VGC.

"In the meantime, we recommend that users enable two-step verification for their Nintendo Account as instructed here.

"If any users become aware of unauthorized activity, we encourage them to take the steps outlined at [link] or visit [Nintendo Support] for general support."

This news comes just two weeks after Nintendo Japan revealed a number of third-party logins had accessed user credit card data.