In April, Nintendo confirmed that about 160,000 user accounts for the Nintendo Network ID had been impacted by unauthorized logins. When it announced that breach, Nintendo said that while personal information could’ve been viewed by the third party, credit card information remains safe. Despite that promise, some users reported that their accounts had been used by in-game items in games like Fortnite.
Nintendo has now announced that the April data breach was considerably worse than initially believed. The data breach reportedly impacted another 140,000 Nintendo Network IDs. That means that in all, the breach affected 300,000 accounts.
Nintendo says that the additional 140,000 accounts had their password reset, and the customers were contacted. Nintendo wrote in its updated message today:
“We posted a report on unauthorized login on April 24th, but as a result of continuing the investigation after that, there were approximately 140,000 additional NNIDs that may have been accessed maliciously. It turned out that it was. We have also reset the passwords for these 140,000 NNIDs and the Nintendo accounts that were linked with them, and contacted the customer separately. At the same time, we are taking additional security measures.
Less than 1% of all NNIDs around the world that may have been illegally logged in may have actually been fraudulently traded through their Nintendo account. We are still in the process of refunding in each country, but we have already finished refunding for most customers.”