Buying Guides
by Review Geek

Browse All Buying Guides
How-to Geek Best Of Badge Award

Reader Favorites

8 Best Wireless Mechanical Keyboards
5 Best Places to Buy Vinyl Records Online
8 Best Hot Swappable Mechanical Keyboards
Apps to Share Your Location with Family
The 5 Best Trip Planning Apps
The Best Multi-Device Mice and Keyboards for Power Users
7 LEGO Alternatives That Still Work With LEGO Bricks

More from Review Geek

Browse All Buying Guides
Browse All Latest News

Review Geek Editorials

Why Everyone Needs to Stock up on Power Banks
I Switched to a Galaxy S21 and I Hate It
I Tried Carvana: It Was Worse Than The Dealer
Why We Can't Recommend Wyze or eufy Cameras
Don't Buy an Electric Riding Lawn Mower
Don't Buy This Fake 16TB Portable Hard Drive
You Don't Really Ever Own an EV

More from Review Geek

Browse All Reviews
Browse All Buying Guides
How-to Geek Editor Choice Badge Award

Across LifeSavvy Media

FROM LIFESAVVY
Grelife 24in Oscillating Space Heater Review: Comfort and Functionality Combined
VCK Dual Filter Air Purifier Review: Affordable and Practical for Home or Office
FROM HOW-TO GEEK
Incogni Personal Information Removal Service Review: Hands Off My Data!
SIMO Solis Lite Hotspot Review: Pocket-Sized Wi-Fi Wingman
We select and review products independently. When you purchase through our links we may earn a commission. Learn more.
X
Popular Searches
News

Another 140,000 Nintendo Accounts Were Vulnerable to Attack

Josh Hendrickson
Josh Hendrickson
Editor in Chief

Josh Hendrickson is the Editor in Chief of Review Geek and is responsible for the site's content direction. He has worked in IT for nearly a decade, including four years spent repairing and servicing computers for Microsoft. He’s also a smart home enthusiast who built his own smart mirror with just a frame, some electronics, a Raspberry Pi, and open-source code. Read more...

About Review Geek
@canterrain
| 1 min read
Bowser in Cat form from Supe Mario 3D
Nintendo

In our last episode of “don’t reuse your passwords for every service,” Nintendo announced that bad actors attempted to compromise 160,000 accounts. Now the company is back (Japanese language) to say the problem may extend to yet another 140,000 accounts.

Just as before, Nintendo hasn’t suffered a direct breach. The initial problem stemmed from the company’s decision to allow users to link newer Nintendo Accounts with older Nintendo IDs (NNID). That allowed you to bring information forward from previous systems. But, it also opened users to vulnerabilities, specifically users who reuse passwords.

Rather than try to breach Nintendo directly, hackers will rely on credential stuffing. They’ll grab stolen data from other known breaches, and try to reuse those email and password combinations to access accounts on new sites.

What Is Credential Stuffing? (and How to Protect Yourself)
RELATEDWhat Is Credential Stuffing? (and How to Protect Yourself)

That allowed them to log into somebody else’s Nintendo account and access their Paypal payment details to make fraudulent purchases. Nintendo shut down NNID linking already, but now it’s saying another 140,000 accounts were vulnerable. The problem is, again, password reuse. Nintendo is proactively resetting passwords and contacting affected users.

Password reuse is a scourge that puts users at risk, and more companies (like Nest, Ring, and now Nintendo) are pledging to require two-factor authentication to help stop the problem. But for your own sake, if you haven’t already, you should start using a password manager and stop reusing passwords.

Source: Nintendo via Engadget

Josh Hendrickson Josh Hendrickson
Josh Hendrickson is the Editor in Chief of Review Geek and is responsible for the site's content direction. He has worked in IT for nearly a decade, including four years spent repairing and servicing computers for Microsoft. He’s also a smart home enthusiast who built his own smart mirror with just a frame, some electronics, a Raspberry Pi, and open-source code. Read Full Bio »