We select and review products independently. When you purchase through our links we may earn a commission. Learn more.

Another 140,000 Nintendo Accounts Were Vulnerable to Attack

Bowser in Cat form from Supe Mario 3D

In our last episode of “don’t reuse your passwords for every service,” Nintendo announced that bad actors attempted to compromise 160,000 accounts. Now the company is back (Japanese language) to say the problem may extend to yet another 140,000 accounts.

Just as before, Nintendo hasn’t suffered a direct breach. The initial problem stemmed from the company’s decision to allow users to link newer Nintendo Accounts with older Nintendo IDs (NNID). That allowed you to bring information forward from previous systems. But, it also opened users to vulnerabilities, specifically users who reuse passwords.

Rather than try to breach Nintendo directly, hackers will rely on credential stuffing. They’ll grab stolen data from other known breaches, and try to reuse those email and password combinations to access accounts on new sites.

That allowed them to log into somebody else’s Nintendo account and access their Paypal payment details to make fraudulent purchases. Nintendo shut down NNID linking already, but now it’s saying another 140,000 accounts were vulnerable. The problem is, again, password reuse. Nintendo is proactively resetting passwords and contacting affected users.

Password reuse is a scourge that puts users at risk, and more companies (like Nest, Ring, and now Nintendo) are pledging to require two-factor authentication to help stop the problem. But for your own sake, if you haven’t already, you should start using a password manager and stop reusing passwords.

Source: Nintendo via Engadget

Josh Hendrickson Josh Hendrickson
Josh Hendrickson is the Editor in Chief of Review Geek and is responsible for the site's content direction. He has worked in IT for nearly a decade, including four years spent repairing and servicing computers for Microsoft. He’s also a smart home enthusiast who built his own smart mirror with just a frame, some electronics, a Raspberry Pi, and open-source code. Read Full Bio »